I have an intranet site deployed to IIS in Windows Server 2008r2.
I would like to use AD authentication. Currently, the site is only running on my development VM which is NOT joined to the a domain.
Within InetMgr I have set "Anonymous Authentication" to "Disabled" and "Windows Authentication" to "Enabled" at both the "Default Web Site" level and the application into which my website is deployed. Enabled Providers are set as Negotiate and NTLM.
I have configured the site to run in an application pool for which I have allocated to run under the local account "scv.BizTalk". This account has full access to the local folder that contains the website.
On browsing to the site, I am challenged for credentials and the receive a 401.2 error.
In the event log I see the following:
Event code: 4007
Event message: URL authorization failed for the request.
Event time: 18/12/2015 14:58:42
Event time (UTC): 18/12/2015 14:58:42
Event ID: fdcfe3ec19ef498ca0c0d66ffca3e961
Event sequence: 2
Event occurrence: 1
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/1/ROOT/EsbPortal-1-130949242820806218
Trust level: Full
Application Virtual Path: /EsbPortal
Application Path: C:\BizTalkersTFS\TVS\TVS.ESB.BamPortal\TVS.ESB.BamPortal.Website\
Machine name: TVS-QAN0CEQNRJC
Process information:
Process ID: 15256
Process name: w3wp.exe
Account name: TVS-QAN0CEQNRJC\svc.biztalk
Request information:
Request URL: http://localhost/EsbPortal
Request path: /EsbPortal
User host address: ::1
User: TVS-QAN0CEQNRJC\Administrator
Is authenticated: True
Authentication Type: Negotiate
Thread account name: TVS-QAN0CEQNRJC\svc.biztalk
Custom event details:
In the IIS log I see the following:
2015-12-18 14:58:03 ::1 GET /EsbPortal - 80 - ::1 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/47.0.2526.106+Safari/537.36 401 0 0 2045
2015-12-18 14:58:42 ::1 GET /EsbPortal - 80 TVS-QAN0CEQNRJC\Administrator ::1 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/47.0.2526.106+Safari/537.36 401 0 0 16
2015-12-18 15:02:28 ::1 GET /favicon.ico - 80 - ::1 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/47.0.2526.106+Safari/537.36 404 0 2 214
2015-12-18 15:02:29 ::1 GET /EsbPortal - 80 - ::1 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/47.0.2526.106+Safari/537.36 401 0 0 408
Could anyone please advise what I've missed in my configuration? Perhaps the fact that my dev VM is not joined to a domain is causing the problem but I don't think this should be the case. I think the client should be able to authenticate using a local account?