0

I need the following.

  • My Server 2012 with IIS 8 installed is in a workgroup.
  • Workstations are in a domain called 'hello.local'

I need for users in the domain 'hello.local', to be authenticated against the IIS on my Server 2012. This way, i can log who was on the website.

Which methods can i use? I'v read about NTLM and Kerberos, but never worked with it. Which do you prefer? And is this even possible if the server is in a workgroup?

Improve this question

1 Answer 1

Reset to default
0

It may be possible with a workgroup IIS server, but it would be VERY complex and much less secure.

NTLM will "just work" by default, if you turn off anon access and turn on windows integrate auth. Setting up kerberos is more secure but more work.

Improve this answer
2
  • The short version is that doing Windows Kerberos requires you to join a (/the) domain. Then it's all automatic and it'll just work. Without joining a domain, you might still be faced with authentication prompts from IE if you use a name with dots which isn't assigned to your Local Intranet Zone (but it should still work after the prompt) Commented Nov 22, 2016 at 12:49
  • Thnx. Is this a good tutorial: blogs.msdn.microsoft.com/chiranth/2014/04/17/… Commented Nov 22, 2016 at 15:25

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.