1

I'm trying to set multiple web sites up in an IIS 6.

I've got a working virtual site residing under the default web site, but if I create a new web site in IIS and assign it a host header value, let it point to the very same file structure as the previously mentioned site and finally assign windows integrated security only to the site, I still cannot log in to the new site using Internet Explorer 6 or 8 but Firefox 3.5 works fine.

In the web log I get these entries if I access the localhost site

2009-11-19 09:15:59 W3SVC1 127.0.0.1 GET /client/ - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.2;+Trident/4.0;+.NET+CLR+2.0.50727) 401 2 2148074254
2009-11-19 09:15:59 W3SVC1 127.0.0.1 GET /client/ - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.2;+Trident/4.0;+.NET+CLR+2.0.50727) 401 1 0
2009-11-19 09:15:59 W3SVC1 127.0.0.1 GET /client/Default.asp - 80 xxx\Administrator 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.2;+Trident/4.0;+.NET+CLR+2.0.50727) 200 0 0

If however I access via the host header value site I get prompted to login but the login fails and I also get an error 401 1 2148074252 which not present when it succeeds. Can this be the issue?

Pre login screen:

2009-11-19 09:15:59 W3SVC1793297778 127.0.0.1 GET / - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+Trident/4.0;+.NET+CLR+2.0.50727) 401 2 2148074254
2009-11-19 09:15:59 W3SVC1793297778 127.0.0.1 GET / - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+Trident/4.0;+.NET+CLR+2.0.50727) 401 1 2148074252
2009-11-19 09:15:59 W3SVC1793297778 127.0.0.1 GET / - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+Trident/4.0;+.NET+CLR+2.0.50727) 401 1 0

Post login screen (note that win credentials have not been submitted):

2009-11-19 09:15:59 W3SVC1793297778 127.0.0.1 GET / - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+Trident/4.0;+.NET+CLR+2.0.50727) 401 1 0
2009-11-19 09:15:59 W3SVC1793297778 127.0.0.1 GET / - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+Trident/4.0;+.NET+CLR+2.0.50727) 401 1 2148074252

Firefox will try to access using anonymous access and will prompt for login, after submitting Windows credentials it all works fine.

For what reason is Internet Explorer so stubbornly refusing to submit credentials to the "Host header value" site? The site is in the Local intranet Zone and login is ticked for that zone.

No NIC teaming, no firewall, nothing. I'm clueless!

masegaloeh
  • 17,978
  • 9
  • 56
  • 104

1 Answers1

1

The error suggests an HTTP 401 (not authorised) response. So IE is definitely submitting credentials, it's the server that is rejecting them.

I'm guessing that Firefox is succeeding because it is using basic authentication, whereas IE is using NTLM authentication. Try disabling all authentication types for your "host header value" site except for basic.

Nexus
  • 850
  • 1
  • 8
  • 19
  • Hi, Thank you for your reply. I'll try what you sugges, a question though. Why is not the windows credentials showing in the web log? (it ought to show xxx\admionistrator not anonymous) I do submit them via the windows login form prompted. /Richard –  Nov 23 '09 at 10:27
  • Hi again, I've now tested with Basic auth only and as you suggested it worked, however this is not the setting I'd like to have, I don't want to submit credentals in the clear. Got any idea as to why the windows authentication fail? If the same site is a virtual site and only windows authentication is enabled, it works fine. –  Nov 23 '09 at 22:27
  • It may be the authentication is failing because you don't have access to that resource. Ensure that the item you're trying to access has NTFS permissions for your account to browse it. – Nexus Nov 24 '09 at 04:15