Jump to content


Photo

Windows integrated Authentication to Director

Started by Stefan Wendrich , 12 September 2017 - 07:31 AM
7 replies to this topic

Stefan Wendrich Members

Stefan Wendrich
  • 250 posts

Posted 12 September 2017 - 07:31 AM

Hello,

 

i want to configure WIA to Director. The director is installed on the delivery controllers.

 

If i disable anonymous authentication and enabled windows authentication, i get an logon popup from my browser to enter my credentials, after that, i got the forms authentication page to enter my credentials again.

 

So single sign on is not really working. I tried to set an spn for the delivery controller, but doesnt work also.

And i created a service account and added here also an spn. Changed the application pool account to this service account, but the behavior is still the same.

 

How can i enable sso authentication to director ?



Frank Schifferstein Members

Frank Schifferstein
  • 580 posts

Posted 13 September 2017 - 01:39 PM

Hi Stefan

 

well, this all you'll need to do on the IIS Director's site actually

 

- What version of director  ? 

-  did you restart the iis after changing ?

- do you log in remotely (from another system or from the server/ddc itself) ?



Stefan Wendrich Members

Stefan Wendrich
  • 250 posts

Posted 13 September 2017 - 02:35 PM

Hi Frank,

 

director is 7.15. I restarted die hole director server and also did a iisreset. 

With chrome, i connected from a remote, but domain joined system. WIA with chrome works, but i have no passthrough login or with ie, a drop down field to select integrated authentication.

 

I also cleared the chrome temp cache.



Frank Schifferstein Members

Frank Schifferstein
  • 580 posts

Posted 13 September 2017 - 02:44 PM

So Chrome works, but is does not when using IE ? 

 

Does IE work too when logging onto the server direcly ?

Does FQDN do something ?



Stefan Wendrich Members

Stefan Wendrich
  • 250 posts

Posted 13 September 2017 - 03:20 PM

No no,
IE 11 works perfect. No popup and I have a drop down box to select integrated authentication.

This box is missing for chrome.

Bot access is from the remote clients

Frank Schifferstein Members

Frank Schifferstein
  • 580 posts

Posted 14 September 2017 - 08:28 AM

ok, now understood 

Well I can't reproduce due to a different logon method/mechanism; out of the box I get a normal Login request. 

 

Maybe this helps: http://www.carlstalhood.com/controller-77/#directorsson (maybe some delegation issue)



Stefan Wendrich Members

Stefan Wendrich
  • 250 posts

Posted 14 September 2017 - 09:51 AM

attached the login with ie (works perfect) and chrome. 

 

I think WIA must work in Chrome. Because if it did not work, a login popup occurs before the form login page will be displayed.

 

How does the login form looks by you with chrome and ie ?

Attached Thumbnails

  • Director login.png


Frank Schifferstein Members

Frank Schifferstein
  • 580 posts

Posted 14 September 2017 - 12:49 PM

IE -> pic 1 

Google Chrome -> pic2 

 

well, in fact IE passes me through completely ehen goggin in from another server; Chrom doesn't