views:

173

answers:

1

How do I implement Integrated windows authentication using ASP.Net kerberos protocol & LDAP in IIS?

+2  A: 

Here's a couple things off the top of my head:

  • Make sure IIS isn't using anonymous access and that's selected for windows integration
  • Make sure your client browser is set to allow windows integration
  • Make sure you set your impersonation to true (don't use a username though!)
  • In AD, make sure your IIS server is trusted for delegation

That should get you going. If you have other app pools that are not using Kerberos on IIS, you will probably have to set the identity of your application's app pool with a new user other than the default (whose user needs to be trusted for delegation as well). Then you will have to do a SPN against it and potentially even a new DNS for the site all together. I know it sounds complex but this is what we did to get things up and going...

RailRhoad