Is it possible to use Integrated Windows Auth when Server isn't on the domain?

Question

Our production web servers ARE NOT part of the domain, but we'd like people to be able to log in automatically since they are logged into the domain on their PC.

Is there anyway to get the browser (IE7+) to send the appropriate information to the server (IIS6) so I can retrieve the ServerVariables["AUTH_USER"] or ServerVariables["LOGON_USER"]?

I presume the answer is no since if I set the security for windows auth to "on" and anonymous access to "off", then the server wouldn't know what do do with any user information for a domain which it has no knowledge of. I just want to know for sure before I give the SSO team a "not possible" answer.

Answer 1

I have implemented IWA for one of my projects and I am afraid the answer is NO, you can't use it when the server is in other domain.

IIS won't be able to communicate to the server through IWA in this case.