• State Suggested Answer
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 62 subscribers
  • Views 1161 views
  • Users 0 members are here
Options
Related

ARSweb not working for managed domain

naveed.siddiqui
11 months ago

Hi All,

I have recently added a managed domain in an existing AR server. I can manage it from the console but I am unable to authenticate using the managed domain credentials. It does not give any error, just keeps prompting for username/password although I have given it many times. I have confirmed multiple times the account username and password is correct.

Is there any configuration missing, how does IIS forwards the auth request to the managed domain ? I may be missing some configuration

Appreciate your help 

Parents
  • 0 11 months ago

    This is a common problem where the IIS server and Active Roles service are on two different hosts.  Is that your situation?

    Even if not, you will probably find this article helpful.

  • 0 11 months ago in reply to naveed.siddiqui

    Hi  

    Basic Authentication will always prompt for credentials. but should access a user name and password (with the username in the format Domain\Username).

    As for Windows Authentication, are you able to confirm if a user from the domain that Active Roles is installed it can successfully access the web page without entering credentials (when Windows Auth is enabled, ASP.NET impersonation is enabled, and all other disabled)? 

    When Windows Auth is enabled, if its prompting for credentials this usually means that the users Kerberos token couldn't be passed to the web server, or a token issue. 

    The URL of the Active Roles website should be in either "Local Intranet" or "Trusted Site" zone, as these sites allow your windows token to be shared with the web server.

    If we now look at the user trying to access the web interface from one of the other manage domains, could you let me know the trusted relationship between the environments (if any)?

Reply
  • 0 11 months ago in reply to naveed.siddiqui

    Hi  

    Basic Authentication will always prompt for credentials. but should access a user name and password (with the username in the format Domain\Username).

    As for Windows Authentication, are you able to confirm if a user from the domain that Active Roles is installed it can successfully access the web page without entering credentials (when Windows Auth is enabled, ASP.NET impersonation is enabled, and all other disabled)? 

    When Windows Auth is enabled, if its prompting for credentials this usually means that the users Kerberos token couldn't be passed to the web server, or a token issue. 

    The URL of the Active Roles website should be in either "Local Intranet" or "Trusted Site" zone, as these sites allow your windows token to be shared with the web server.

    If we now look at the user trying to access the web interface from one of the other manage domains, could you let me know the trusted relationship between the environments (if any)?

Children
No Data