Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

Spsextranet tool

  Asked By: Code    Date: Aug 06    Category: Sharepoint    Views: 786

I used the SPS Extranet tool from Microsoft to create the settings for a
FQDN address. It did it's thing with no errors, but now when I visit the
site via the FQDN I get prompted for a username and password. I remember
reading something about this earlier, but of course I can't find the
solution now.



12 Answers Found

Answer #1    Answered By: .net Guru     Answered On: Aug 06

As a followup, I'm running this in an Intranet environment. Is there
a security setting that I can change?

Answer #2    Answered By: Renata Burt     Answered On: Aug 06

By definition, it's supposed to ask for username  and password. As I
understand it, the only way NTLM authentication can work is through netbios
access to SPPS. NTLM stands for NT Lan Manager, and Lan Manager is Netbios
way of doing things. At least, that's how I understand it.

Answer #3    Answered By: Lazaro Rutledge     Answered On: Aug 06

Integrated Windows Authentication does not work in IE when there is a
dot (.) in URL's hostname. I don't think that's easy to change.

Answer #4    Answered By: Karin Kerr     Answered On: Aug 06

I have what I think is a related question.........
We currently use Windows integrated authentication on our Sharepoint server,
I am always prompted  for a user name/password when I first logon, but often
(for no discernible reason) I keep getting prompted to re-enter my user name
and password  details. This happens most frequently when I have opened a
document in Sharepoint and then close the internet explorer window that I
opened it in. Does anyone have any ideas how I can get round this or even
what kind of things I need to look into further??

Answer #5    Answered By: Vinod Kumar     Answered On: Aug 06

I had the same problem when some of URLs (those entered by users and
admins; standard configuration is ok) pointed to FQDN. Changing them to
relative URLs (i.e. with no hostname part) helped.

Answer #6    Answered By: Jeffery Hayes     Answered On: Aug 06

Are you using an FQDN or server name?

Answer #7    Answered By: Mohini Tiwari     Answered On: Aug 06

By design, basic authentication or integrated windows when going with a FQDN
does not persist across IE instances. Integrated windows authentication
when using Netbios names (ie no domain part) doesn't persist either, but
it's able to use the credentials of your local logon, if it's a domain
account, and subsequently pass to Sharepoint for roles.

In fact, you can try it yourself:

http://server/wksp <http://server/wksp> - should not ask for
http://server.domain.com/wksp <http://server.domain.com/wksp> - should
ask for authentication

If anyone knows a way to utilize internal NT login information with the FQDN
WITHOUT the popup box, you would be granted many beers from many nations.

Answer #8    Answered By: Natasha Bennett     Answered On: Aug 06

Fix for the login prompt:

In Internet Explorer, go to Tools-->Internet Options-->Security Tab-->Local
Intranet-->Sites-->Advanced-->Add *.company.com (as listed in your FQDN) to
the list of trusted sites. This should take care of the pesky pop-up.

Answer #9    Answered By: Angel Matthews     Answered On: Aug 06

Further to everyone's replies, I've been using the internal server name to
access our Sharepoint site, and we use a fixed IP address  to access
Sharepoint when off-site. Am i right in thinking that if this IP address is
added to the list of trusted sites (not those specific to the intranet zone)
in Internet explorer security options then this problem should no longer
occur when off-site?
Many thanks for everyone's replies.... this has been really bugging me and
I've spent hours fruitlessly going through Sharepoint, IIS and Kerberos
documentation to try and find  an answer.
Oh by the way, I understand that IIS security defaults to using Kerberos,
but unless Active Directory is being used on the server I haven't been able
to find a way to get at the Kerberos settings, anyone know a way round this?

Answer #10    Answered By: Ravindra Salvi     Answered On: Aug 06

We use the FQDN at all times for our SharePoint INTRANET. I would think if
you used two different urls, if you run reports, they would not be accurate
because log files would be located in more than one area.

If the site is an intErnet site (not intrAnet), I'm not sure if my fix will
solve the popup issue.

Answer #11    Answered By: Rahul Sharma     Answered On: Aug 06

The procedure described below will only work for INTRANET. If you are
off-site, you are going to be prompted  either way because you are not
logged onto your network. If you want to get rid of the prompt when you
are logged onto the network, you can use the procedure below and in
addition to that, you might also want to do the following:

Under Local Intranet, click on the Custom Level button. Scroll all the
way to the bottom and you will see a section called User Authentication,
make sure you select Automatic logon with current username  and password.
This will get rid of your prompt for INTRANET.

Answer #12    Answered By: Jagjit Phutane     Answered On: Aug 06

Also keep in mind that accessing SPS from URL IP address  is not
supported by MS... Only NETBIOS or FQDN. Also, regardless of what you
change in trusted sites, access by IP address will ALWAYS prompt for

Didn't find what you were looking for? Find more on Spsextranet tool Or get search suggestion and latest updates.