Please bare with me, I'm IIS noob...
Symptom: When l go to http://FQDN I get prompted for credentials that doesn't seem to go anywhere. 3 Prompts and access denied
Configuration:
Auth settings - Anonymous (disabled), ASP.net impersonation (enabled), basic (disabled), Windows Auth (enabled)
Windows auth settings - Provider = Negotiate (1st), NTLM (2nd)
Web.config file = Allow users = * , providers also Negotiate, NTLM
Directory where the website is NTFS permission = Authenticated users FULL CONTROL
App pool run under service account
this is 443 and 80 (I enabled 80 just to rule out any SSL stuff)
SPN looks OK
HOST/SERVER_FQDN
HOST/SERVER_NetbiosName
For fun I added the below SPN although I've read its not necessary https://blogs.msdn.microsoft.com/chiranth/2014/04/17/setting-up-kerberos-authentication-for-a-website-in-iis/
HTTP/SERVER_FQDN
This webserver has multiple IP's and multiple websites, but each website is tied to its own IP.
Here's the catch (workaround):
We did Method 1 from this article to enable local Browse from the IIS manager to work: https://support.microsoft.com/en-us/kb/896861
After we do a local browse from IIS Manager which prompts for credential and allows us in, then all sudden everything works! I can remotely go tohttp://Server_FQDN and it works and will continue to work until IIS is reset or server reboot. Then we have to do a local browse again to get it working Weird????
Please help!
C