|
Posted by Roger Abell [MVP] on August 5, 2008, 2:37 am
Please log in for more thread options > I'm accessing the Certsrv pages from a Windows XP client, the CA is
> Win2K3 Enterprise. If I access it using FQDN or NETBIOS I get a basic
> challenge - and even with the correct credentials I can't logon (after
> clicking OK in the basic prompt it just re-appears again). If I
> access it using IP-Address, I get a basic challenge and I can access
> the site.
>
> Strange thing is, I've tried adding FQDN and NETBIOS into intranet
> zone, but it doesn't change the behaviour; using the IP address relies
> on the Internet zone.
>
> On the CA itself, I can access certsrv using NETBIOS or IP address,
> entering FQDN gives me a basic prompt and the same problem described
> above.
>
> I originally had the problems on IE6, so I upgraded to IE7 but the
> problems are exactly the same.
>
> Anyone had any similar problems with certsrv? Any ideas?
When you use IP you are forcing that Kerberos not be used.
Perhaps NTLM authentication is successful but when accessing other
than by IP Kerberos is result from the auth negotiation but then the login
via Kerberos is failing. Have you examined the security event log if it
is configured to record login failures?
| 
XML Sitemap