2

I'm using:

  • Windows 10 x64 Professional (in ad domain)
  • IIS 10
  • Web site is running under local user EPM_USER, everything works except Windows authentication

Configuration: enter image description here

When I try to from another computer which is also in AD domain with valid Active Directory, login fails: enter image description here

If I change application pool that it runs under ApplicationPoolIdentity, than it works:

Improve this question
5
  • 2
    Why run IIS on a Windows 10 machine? Windows 10 is not intended to function as a server. Commented Apr 4, 2022 at 19:15
  • If you’re running the application pool under a local user it doesn’t have credentials on the domain. When you run it as the applicationpoolidentity it uses the network service account which is basically the machine’s AD account. Use that, or use a domain account to run the app pool in. Commented Apr 5, 2022 at 2:23
  • 1
    More info: docs.microsoft.com/en-us/iis/configuration/system.webserver/… check the useKernelMode setting. Commented Apr 5, 2022 at 2:30
  • And more detail about why this does or does not work… docs.microsoft.com/en-us/previous-versions/windows/it-pro/… Your SPN has to be configured properly to use a different account and it will not work with a local user account as mentioned. Kerberos has specific requirements. Commented Apr 5, 2022 at 2:37
  • @Davidw usually I would run IIS on Windows Server, but just for testing scenario I'm running it in vmware virtual machine. Commented Apr 5, 2022 at 7:56

0

Reset to default

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.