Very strange authentication problem

[Guest]

Hi,

I have one It's Windows 2003 SP1 server called server1.domain.com. It's also
registered in the dns as server2.domain.com.

Using IE6 on this server I navigate to a site on this machine that requires
Windows Authentication. When navigating to the site on the machine I can
connect when going to http://server1.domain.com but not when going to
http://server2.domain.com. This only happens when we use IE on the server,
not from the workstations. *.domain.com is added to trusted sites. It works
with wfetch so it's IE related.

When connecting to server2.domain.com we can't get pass the login dialog. A
strange thing I have noticed is that it says "Connect to server1.domain.com"
in the window caption and "Connecting to server2.domain.com" in label above
the username.

Does IE get confused with the IP resolving/hostname in its authentication
roundtrips somehow? Can we somehow ease up on Enhanced Security
Configuration? We really need to use this setup on this particular server
because the site is being accessed using multiple hostnames. ASP.NET
applications are having the same problem which is the main problem (is
ASP.NET WebClient using IE settings?).

Thanks in advance,
- Manso

 

[Robert Aldwinckle]

....

Does IE get confused with the IP resolving/hostname in its authentication
roundtrips somehow?

This reminds me of the problem that IE has creating MD5 digests
when a URL includes an anchor. Perhaps in a similar way IE
is preparing a digest for a server alias which the other side
is not expecting?

Can you try a different method of authentication?

I suspect you would get more informed comment from a forum
which specializes in security or network admin.

FWIW here is a troubleshooter which may give you some clues too.
It includes a link to an XP networking newsgroup for followup questions.

http://www.michna.com/kb/


Good luck

Robert Aldwinckle
---