Hi! Try using a "intranet"-adress like http://portal/ The important stuff seems to be that the http-adress must be WITHOUT any dots (.). With http://intranet.portal you would get an extra login-prompt. I discovered this when doing an Intranet-portal to a customer. I haven't found any documentation on this , not even from Microsoft so I really can't tell you why this is the case. I hope this information helps! Best regards /Gustav Wiberg -----Original Message----- From: Sean Cotter [mailto:scotter@xxxxxxxxxxxxxxx] Sent: Thursday, December 13, 2007 9:20 PM To: php-windows@xxxxxxxxxxxxx Subject: using AD/Windows authentication - multiple prompts The end of this message is something I posted on the TextPattern forums but is a php/iis issue really. The long-short of it is I am trying to run an intranet site and use the Active Directory security on the server to restrict users to just my people. When running a dynamic site (TXP, WordPress, something home-brewed) the user is asked for credentials several times as the page loads... where it's just one prompt for static pages (ending in php, htm, html, etc). On the same server, running some simple ASP stuff doesn't get the mutiple prompts. Is there some kind of keep-alive setting or something that I am missing? I really can't if it's IIS or PHP. Here is what I posted on the TextPattern site: I know that Windows/IIS doesn't get much love here. but I was hoping someone can help me out. I have a Server 2003/IIS6/PHP/mySQL setup that I have used for a couple years now and it's been great. I am working on a small intranet site to host some policy documents, org charts, etc. I want to secure the site via Acive Directory authentication (possibly via SSL but that's later) but am having trouble. In the best case scenario I have to enter the user/pass three times before I can enter the site. On IE the site loads in stages, on FF (Win) it is blank then loads completely after the third user/pass challenge. I think that there is a new challenge/response for each portion or level the of site structure - meaning that the first response is for index.php and the root level, then a pw request from the images folder and one from the textpattern folder. I am inclined to think that is what is going on because on IE you can see the Powered With image load after the last password attempt. The clarify, this isn't using any of the TXP security, just built-in Windows directory security. I made a duplicate site, this time with just basic html pages and folders (nothing dynamic, no php blog software, etc) - I applied the same security settings as above and was greeted with a logon prompt (what I wanted) and was able to logon fine; receiving just the one password request- I could click around and few static pages fine, no password prompts. I put a different blog software (not TXP, but PHP based) a few folders deep and was able to navigate to it (I had directory browsing on) but once I got to index.php I was prompted to login again and several more times as the page loaded. Does anyone have any idea what is going on? thanks in advance Sean ps. in standard form (anon access turned on) TXP works fine - creating new entries, file uploads, etc. -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
