We have been spinning our wheels trying to get windows authentication working through ARR.
We've created a new domain account (appservices
)
ARR Server (srvarr
) using default app pool with user set to appservices
IIS Server (srvweb
) using default app pool with user set to appservices
We've run
setspn -s domain\appservices http://srvarr
and checking using -l
shows it registered for http://srvarr
srvarr
is set to use anonymous authentication
srvweb
is set to use windows authentication
Going directly to http://srvweb/healthCheck.txt
gives a 'Working!'
message
Trying to go to http://srvarr/healthCheck.txt
gives either a
502 - Web server received an invalid response while acting as a gateway or proxy server
or
401 - with prompt for credentials
If we turn on anonymous authentication
we get the 'Working!'
message from either http://srvweb/healthCheck.txt
or http://srvarr/healthCheck.txt
We've tried both NTLM and Negotiate and neither seem to work.