Logo 
Search:

Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

Forcing authentication

  Asked By: Hunter    Date: Aug 12    Category: Sharepoint    Views: 2272

Is it possible to force the authentication dialog in IE to appear when a
person enters SharePoint?

Share: 

 

5 Answers Found

 
Answer #1    Answered By: Bobbie Rodgers     Answered On: Aug 12

Yes. If you use Basic authentication  then u can give a popup to user
when ever he/she visits the site.

But there is a security problem that username and password will be sent
in a plain text format. If ur having SSL u can happily go with this.

 
Answer #2    Answered By: Bhumi Gokhale     Answered On: Aug 12

In IE go to tools--> Internet options --> Security --> custom level -->
scroll down to User authentication  -- enable prompt for username /pwd.

 
Answer #3    Answered By: Davon Henson     Answered On: Aug 12

Can someone help me with this?

Internal DNS: http://myweb <http://myweb/> points to the internal address,
192168.101.44

External DNS: http://myweb.joe.com" target="_blank" rel="nofollow">http://myweb.joe.com <http://myweb.joe.com" target="_blank" rel="nofollow">http://myweb.joe.com/> points to the
external facing proxy server. 65.99.95.55

When people from inside the network go to http://myweb , they don't get
prompted, since it looks at the windows login screen. That is great and I
want it that way.

But if they go to http://myweb.joe.com" target="_blank" rel="nofollow">http://myweb.joe.com <http://myweb.joe.com" target="_blank" rel="nofollow">http://myweb.joe.com/> or anything
that is statically href with a pretense of http://myweb/joe.com/" target="_blank" rel="nofollow">http://myweb/joe.com/*
<http://myweb/joe.com/" target="_blank" rel="nofollow">http://myweb/joe.com/*> , it will prompt them for a username and password,
which I don't want to happen. How can I fix that? I can't change the href
preference to start with http:/myweb/* because then external users (remote)
will not be able to view that page.

 
Answer #4    Answered By: Matt Prince     Answered On: Aug 12

There isn't a reliable way to do what you want. Internal users are not prompted
for authentication  for 2 reasons:

1) They are using NTLM authentication
2) The http://myweb/ URL is part of the Local Zone and IE sends authentication
automatically by default.

The external users are being prompted for one or both of the following
reasons:

1) They are using Basic authentication
2) The http://myweb.joe.com/ URL is part of the Internet Zone and IE does NOT
send authentication automatically by default

For #1 there is no guarenteed fix - you can try forcing  NTLM, but many
firewalls don't allow it, and Basic cannot authenticate without a prompt. For
#2, you'd need to change a setting in IE for every user, adding the URL to the
trusted sites list in IE.

 
Answer #5    Answered By: Brooks Bond     Answered On: Aug 12

As far as adding URLs to trusted sites list in IE, group policy is the best
way to go, if you can...
Here is how:

Method 2: Use Group Policy to Add the SitesCreate a policy to add the
Office Web sites to the *Trusted sites* zone. To do this, you can create a
local policy, or you can create a domain or organizational unit policy. To
create a policy in your domain: 1. Log on to a domain controller, and then
start the Active Directory Users and Computers utility. 2. Right-click the
domain or Organizational Unit where you want to create the Group Policy
object, and then click *Properties*. 3. Click the *Group Policy* tab, and
then click *New*. 4. Type a descriptive name in the *New Group Policy
Object* box (for example, type OfficeUpdate policy), and then press ENTER.
5. If you want to prevent this policy from being applied to certain users or
groups: a. Click *Properties*, and then click the *Security* tab. b. Add
the user or group that you want to *prevent* from having this policy
applied. c. For that user or group, click to clear the *Read* and the *Apply
Group Policy* check boxes in the *Allow* column of the *Permissions for
Authenticated Users* list. d. Click *OK*. 6. Click *Edit*. 7. Under *User
Configuration*, expand *Windows Settings*, expand *Internet Explorer
Maintenance*, and then click *Security*. 8. In the right pane,
right-click *Security
Zones and Content Ratings*, and then click *Properties*. 9. Click *Import
the current security zones and privacy settings*, click *Continue* after you
read the message stating that these settings will be ignored on computers
that do not have the enhanced security configuration feature enabled, and
then click *Modify Settings*. 10. Click *Trusted sites*, and then click *
Sites*. 11. In the *Add this Web site to the zone* box, type
http://officeupdate.microsoft.com, and then click *Add*. 12. In the *Add
this Web site to the zone* box, type http://office.microsoft.com, and then
click *Add*. 13. Click *Close*, and then click *OK*. 14. In the *Security
Zones and Content Ratings* dialog  box, click *OK*. 15. On the *File* menu,
click *Exit*. 16. Click *Close*, and then permit sufficient time for the
policy to propagate throughout the domain.
from here - support.microsoft.com/default.aspx

 
Didn't find what you were looking for? Find more on Forcing authentication Or get search suggestion and latest updates.




Tagged: