Problem with Integrated Windows authentication on SSL connection

[Guest]

I'm using a https web site with SSL certificate on a IIS 6 and now I'm
trying to configure the access to this site with "Integrated Windows
authentication". If I access the site from my notebook which is
connected to the LAN it works fine after I added the site to the
trusted sites in the IE of the local machine.
Next step is to connect the https site from out site the LAN with a
dialup connection to the internet. If the https site is in my trusted
sites settings I get the error message that the site can't be found.
If I try it again after I deleted the https site out of the trusted
sites I get a user logon window and already works fine.

This is the situation on some notebooks after installing WinXP SP2.
On these notebooks the IE has the version
6.0.2900.2180.XPSP_SP2_RTM.040803-2158

As I'am loged in with a cached domain profile I get the common dns error.
With a local user account which has th rights for login to the application
already works fine

On another notebook with WinXP SP2 it wokrs fine on both connections and
user accounts. Here the IE has the version
6.0.2900.2149.XPSP_SP2_GDR.050301-1519IS

All notebooks get their update via SUS in a domain.

Any ideas?
Matthias

 

[Guest]

Hi @ all,
now I've found the solution for my problem by a colleague wih knowledge in
single sign on projects.

The problem is that the DC is not reachable from outsite the lan to verify
the kerberos ticket.

On solution is to deactivate the kerberos function in the IIS. See also the
KB entry:
http://support.microsoft.com/?id=215383

Regards, Matthias