locked
SharePoint multiple logins using AD authentication RRS feed

  • Question

  • Long story short - this is NOT related directly to Office documents, but to SharePoint itself. We are offering website hosting to various customers. We are using AD to authenticate staff users, a child domain (one way trust) to authenticate external users. These users who manage the sites at one location keep getting login prompts. I am thinking I have to advise them to change the IE settings but anyone else have that experience? For 2010 we will be implementing a new security solution all together. FBA and NOT AD.
    Wednesday, February 2, 2011 8:55 PM

Answers

  • Switching to FBA from AD will not solve this problem.  The problem is not in the authentication method, but in the trust level of the browser settings.  If the users configured their browsers to set your site as a trusted site, then they login prompts will stop.

     


    I trust that answers your question...

    Thanks
    C

    http://www.cjvandyk.com/blog
    • Marked as answer by KathG Thursday, February 3, 2011 7:33 PM
    Wednesday, February 2, 2011 9:38 PM
    Answerer

All replies

  • Switching to FBA from AD will not solve this problem.  The problem is not in the authentication method, but in the trust level of the browser settings.  If the users configured their browsers to set your site as a trusted site, then they login prompts will stop.

     


    I trust that answers your question...

    Thanks
    C

    http://www.cjvandyk.com/blog
    • Marked as answer by KathG Thursday, February 3, 2011 7:33 PM
    Wednesday, February 2, 2011 9:38 PM
    Answerer
  • > For 2010 we will be implementing a new security solution all together. FBA and NOT AD.

    Does this mean you are asking about SharePoint Server 2010 ?

    Moderator pre-2010 forums


    SP 2010 "FAQ" (mainly useful links): http://wssv4faq.mindsharp.com/default.aspx
    WSS3/MOSS FAQ (FAQ and Links) http://wssv3faq.mindsharp.com/default.aspx
    Both also have links to extensive book lists and to (free) on-line chapters
    Thursday, February 3, 2011 9:27 AM
  • Have you tinkered with having those users access your site using a FQDN?  I've run into several authentication issues based solely on whether or not I've stipulated the full domain name when accessing the server.

    For instance, in some cases, if I try http://myserver, I'll get prompted for credentials, but if I try http://myserver.mydomain.com, I'll get no prompts.

    On that same note, maybe consider looking at your "Alternate Access Mappings" in Central Administration (under Operations | Global Configuration)?  Make sure you have alternate mappings for your child domain?

    Thursday, February 3, 2011 6:30 PM
  • Thank you all - I think it does have to do with the IE settings. We made their FQDN a trusted site and changed the security settings to not authenticate using current username and login (as I think it was confusing authentication with their AD on their network.) I believe this solved the problem. I am awaiting to hear more from them.
    Thursday, February 3, 2011 7:33 PM
  • I'm assuming you are not asking about SP 2010 despite the reference to it in your original post. (It would have helped if you had answered the question in my first post here)

    Please keep the pre-2010 forums free of all ancilliary comments on SP 2010. They - at the very least - confuse and at worse incite other people to post 2010 questions here.

    Moderator

    Please also come back when you hear from them so I can close the thread.


    SP 2010 "FAQ" (mainly useful links): http://wssv4faq.mindsharp.com/default.aspx
    WSS3/MOSS FAQ (FAQ and Links) http://wssv3faq.mindsharp.com/default.aspx
    Both also have links to extensive book lists and to (free) on-line chapters
    Thursday, February 3, 2011 9:50 PM