I'm building a simple internal application for my company, and it requires Windows Authentication for security. All other authentication modes are disabled. I'm stuck in a situation where internet explorer prompts for credentials 3 times, then fails with this error:
Not Authorized
HTTP Error 401. The requested resource requires user authentication.
I then created a bare-bones website to test this out. I created a new site in IIS, put it on its own port (:8111, chosen at random), put one static "default.htm" file in there, disabled anonymous authentication, then enabled windows authentication. Everything else was left at default settings. The port number was assigned because we have multiple sites on this machine all sharing the same IP.
Here are a few scenarios:
Browsing from the web server itself, to http://localhost:8111/ works fine
Browsing from another computer, to http://ServerIPaddress:8111/ works fine
Browsing from another computer, to http://ServerName:8111/ FAILS (asks for credentials 3 times, then gives 401 error)
I've been searching online and trying to find a solution with no luck thus far. Either I haven't found it, or I don't understand well enough what I'm reading. Any help would be greatly appreciated.
Just worked out the solution with the help of a coworker after 2 days of fighting with this issue. Here is what he wrote:
There are 2 providers for Windows Authentication (Negotiate and NTLM). When setting the Website Authentication to Windows Authentication, while Windows Authentication is highlighted, click on the Providers link on the right pane or IIS Manager and move NTLM to the top. By default Negotiate is on top which is why you are getting an authentication prompt.