I am having trouble getting remote clients to connect successfully to an IIS WebDav site that is configured to use NTLM authentication.
I have configured access to the WebDav folder to allow certain Windows accounts access, and configured the IIS vDir to require Windows authentication. Unfortunately I have no control over the client application and am constrained to the following requirements:
- I must use NTLM (since I'm always using SSL, Basic authentication would probably be better, but I don't have that option).
- The client is not specifying the domain, only the username and password.
- the URL that is being used by the clients differs from the domain name that the accounts are located within (the site is https://foobar.com/Quz/ and the domain is BAT or BAT.BAZ.com).
Some clients seem to be able to connect successfully to the url, but others cannot. I haven't been able to determine any appreciable difference between the ones that work and the ones that don't. When I manually connect to the url in IE and type in the username "SomeUser" and password "SomePassword", authentication fails, and comes back with a prompt of "foobar.com\SomeUser". If I manually correct this to BAT\SomeUser, everything works fine.
I know that for basic authentication I can specify a "default domain" of BAT so that usernames that don't have a domain specified work against that domain, but I can't seem to do that for NTLM. What do I need to do?