+ Post New Thread
Results 1 to 4 of 4
Windows Server 2008 R2 Thread, IIS7 Kerberos/NTLM authentication problem in Technical; We've got our intranet site running on IIS7, we have authentication enabled so that only staff can see the staff ...
  1. #1

    Oaktech's Avatar
    Join Date
    Jul 2011
    Location
    Bournemouth
    Posts
    2,806
    Thank Post
    774
    Thanked 547 Times in 427 Posts
    Rep Power
    260

    IIS7 Kerberos/NTLM authentication problem

    We've got our intranet site running on IIS7, we have authentication enabled so that only staff can see the staff page and students, the students page. Our primary school site, which is a seperate domain, with a trust, which runs over a wireless link, has been added appropriately to the permissions of the sites, but the loading performance at the primary site is very very poor. It takes minutes to load the pages. We've tried doing the ntlm non auth persist thing, which i think has made a small difference, but it's very little difference.

    Help!

  2. #2

    jinnantonnixx's Avatar
    Join Date
    Mar 2011
    Location
    In the Calamatorium.
    Posts
    1,970
    Thank Post
    113
    Thanked 490 Times in 336 Posts
    Blog Entries
    2
    Rep Power
    283
    NTLM is not an efficient protocol. For every single object retrieved, you'll see a deny, a challenge and an authentication response in your logs if you have full logging enabled. I've had a world of hurt getting Kerberos and NTLM working through Squid on Linux, but I digress.

    Kerberos is a much more effiecient protocol, network wise.

    For troubleshooting, get the 'Firebug' extension loaded up into Firefox on your clients and see what this says. I'm quite sure it will narrow down the problem.

  3. #3

    Oaktech's Avatar
    Join Date
    Jul 2011
    Location
    Bournemouth
    Posts
    2,806
    Thank Post
    774
    Thanked 547 Times in 427 Posts
    Rep Power
    260
    Thanks...

    We've tried that, removing the kernel mode auth, then selecting negotiate - kerberos, in the security means it prompts for username and password, so not quite what we had in mind... we are trying to fix that now :S

  4. #4

    jinnantonnixx's Avatar
    Join Date
    Mar 2011
    Location
    In the Calamatorium.
    Posts
    1,970
    Thank Post
    113
    Thanked 490 Times in 336 Posts
    Blog Entries
    2
    Rep Power
    283
    Quote Originally Posted by Oaktech View Post
    Thanks...

    We've tried that, removing the kernel mode auth, then selecting negotiate - kerberos, in the security means it prompts for username and password, so not quite what we had in mind... we are trying to fix that now :S
    Close the browser, kill existing Kerberos tickets with the command klist purge, then retry the browser.

SHARE:
+ Post New Thread

Similar Threads

  1. Office 2003 Proxy Authentication Problem
    By Stefletch in forum Office Software
    Replies: 8
    Last Post: 10th February 2007, 10:00 AM
  2. Exchange 2003 - Authentication problem
    By pooley in forum Wireless Networks
    Replies: 5
    Last Post: 20th July 2006, 05:44 PM
  3. MRBS + NTLM Authentication
    By Frazer in forum *nix
    Replies: 13
    Last Post: 29th June 2006, 02:00 PM
  4. Exchange 2003 Authentication Problems
    By paul in forum Windows
    Replies: 13
    Last Post: 24th May 2006, 06:23 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •