views:

35

answers:

1

Our production web servers ARE NOT part of the domain, but we'd like people to be able to log in automatically since they are logged into the domain on their PC.

Is there anyway to get the browser (IE7+) to send the appropriate information to the server (IIS6) so I can retrieve the ServerVariables["AUTH_USER"] or ServerVariables["LOGON_USER"]?

I presume the answer is no since if I set the security for windows auth to "on" and anonymous access to "off", then the server wouldn't know what do do with any user information for a domain which it has no knowledge of. I just want to know for sure before I give the SSO team a "not possible" answer.

A: 

I have implemented IWA for one of my projects and I am afraid the answer is NO, you can't use it when the server is in other domain.

IIS won't be able to communicate to the server through IWA in this case.

Mahesh Velaga
That's what I figured. I presumed since the server isn't in a domain at all, I wouldn't have an opportunity to grab the AUTH_USER from the request outside of an isapi filter or something.
jskentzos