Integrated windows authentication problem

[KateRK]

We have a Windows 2000 server in an Active directory
domain. It is serving in the role of an IIS server with a
custom, Intranet web application, based on SQL 2000. We
use integrated windows authentication against entries in
the SQL database to allow access.

It seems that once a week or so, the server stops serving
up pages to users who have valid IDs in the SQL database
but whose PDCs are located outside of our local area
network. Users whose PDCs are on the local area network
(within our building) have no problems accessing the
application. These PDCs are a mix of AD and NT 4.0 servers.

Normally, a restart of the system clears the problem which
indicates to me that some type of cache or buffer is
filling up but we don't know this for sure. Today, I had
to do a cold boot of the machine to get the application
authenticating again.

Any ideas what is wrong?

This is our first application on an AD machine.

 

[Brent Mills]

I know that if the web site that you are connecting to is not listed as an
intranet zone in IE then integrated authentication can have problems. This
is usually because there is a security setting under the internet zone that
allows automatic logon only to the local intranet sites. I would have to
refresh my memory on how IE determines what zones are local but I think it
has something to do with the suffixes that you have added to your lookups.
Hope this helps.

 

[Guest]

The logon seems to work fine for everyone until about one
week passes. Then only those who are on the local network
can access the server until it is rebooted. So I'm not
sure that intranet zones are causing the problem.