iis security : Integrated AND Basic authentication??!


Kjell Brandes
9/6/2004 1:38:47 PM
Trying to set up a site with both integrated and basic authentication
enabled (anonymous disabled of course).
When working on local network I want integrated auth. to act, and it does,
no problem.
Accessing site from outside of local network Basic auth. should kick in, and
it does, no problem. But Basic auth. does not listen to default domain. It
takes the local machine name as auth. domain.
Am I doing something wrong or is this the behaviour to expect?

Any help would be very appreciated!

Kjell


Ken Schaefer
9/7/2004 12:08:30 PM
Hi,

If you enable both IWA and Basic, then the browser will pick the
authentication mechanism that it wants to use (well, sometimes they use the
first one listed, but IIS should list them in order of "strongest to
weakest", and IWA is always listed first, before Basic). So, if you are
using IE, or Mozilla, then NTLM v2 (part of IWA) is always chosen over
Basic.

The way to get around this is to have two websites that point to the same
content. One has IWA enabled (http://intranet), and the other has Basic
enabled (http://intranet.mycompany.com). On the site that has Basic enabled,
you need to enter (in the IIS Manager), the name of your NT or Active
Directory domain that you want to use as the default authentication domain.

Cheers
Ken
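
The scheme selection and default-domain behaviour discussed in this thread, as an added example that is not part of either post: it parses the `WWW-Authenticate` challenges of a 401 response, picks the scheme a strongest-first client would use, and shows whether a Basic credential carries a `DOMAIN\` prefix. The response headers, the accounts and the preference order are constructed assumptions for illustration.

```python
import base64

# Strongest-first order assumed for this sketch of the client's choice.
PREFERENCE = ["negotiate", "ntlm", "digest", "basic"]

# Constructed 401 responses: both mechanisms enabled vs. the Basic-only site.
BOTH_ENABLED = (
    "HTTP/1.1 401 Unauthorized\r\n"
    "WWW-Authenticate: Negotiate\r\n"
    "WWW-Authenticate: NTLM\r\n"
    'WWW-Authenticate: Basic realm="intranet.mycompany.com"\r\n'
)
BASIC_ONLY = (
    "HTTP/1.1 401 Unauthorized\r\n"
    'WWW-Authenticate: Basic realm="intranet.mycompany.com"\r\n'
)

# Constructed credentials; base64 is an encoding, not encryption.
BARE = "Basic " + base64.b64encode(b"alice:example-password").decode()
QUALIFIED = "Basic " + base64.b64encode(b"MYDOMAIN\\alice:example-password").decode()

def offered_schemes(raw_response):
    """Auth schemes from the WWW-Authenticate headers, in server order."""
    schemes = []
    for line in raw_response.splitlines():
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "www-authenticate" and value.strip():
            schemes.append(value.split()[0].lower())
    return schemes

def client_choice(schemes):
    """Scheme a strongest-first client uses, or None if it supports none."""
    return next((s for s in PREFERENCE if s in schemes), None)

def basic_identity(authorization_value):
    """Return (domain, user); domain is None when no DOMAIN\\ prefix was sent,
    the case where the server must apply its configured default domain."""
    scheme, _, token = authorization_value.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic credential")
    account = base64.b64decode(token).decode("utf-8").partition(":")[0]
    domain, sep, user = account.partition("\\")
    return (domain, user) if sep else (None, account)

if __name__ == "__main__":
    for resp in (BOTH_ENABLED, BASIC_ONLY):
        print(offered_schemes(resp), "->", client_choice(offered_schemes(resp)))
    print(basic_identity(BARE), basic_identity(QUALIFIED))
```

Because the Basic credential decodes straight back to the account name and password, the Basic-only site is the one whose transport protection matters most.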
