.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
Easy Web
Imran Ghani
Post New Web Links

Kernel-Mode authentication without Kerberos

Posted By:      Posted Date: October 12, 2010    Points: 0   Category :SharePoint
 

I have installed a new SharePoint 2010 farm and am using NTLM authentication.  When i try to access CA i am asked to login 3 times. After doing so i have a blank screen.  I have seen many posts here and elsewhere with this same symptom and it looks like it is usually a problem with Kerberos, but i am not using that.

I have determined that if i enable kernel-mode authentication all seems to work. i have tested several times enabling and disabling kernel-mode authentication in IIS and it always works.  If kernel-mode is enabled i can get to CA if kernel-mode is disabled i cannot get to CA.  What is troublesome is i have read a few posts that say that for SharePoint Kernel-mode should be disabled. So my question is, should i have kernel-mode enabled on sharepoint iis web sites when i am not using Kerberos?  And what about this extended protection?

Steven Albrecht
University of Colorado Denver




View Complete Post


More Related Resource Links

Disable Kernel-Mode for Kerberos. Is this considered a best practice?

  

It is suggested in the following two posts, by MSFT folks, that for Kerberos to work you have to DISABLE Kernel-Mode.  Is this then considered a "Best Practice"?

http://blogs.msdn.com/b/chunliu/archive/2010/03/24/why-sharepoint-2010-not-use-kernel-mode-authentication-in-iis7.aspx?CommentPosted=true#commentmessage

 

http://social.technet.microsoft.com/Forums/en-US/sharepointadmin/thread/e3eb4b0a-03c3-4ddc-953f-b6e313ef2c6f

 


/bac

SSRS 2005 "Mixed" Authentication Mode

  

I have a web application where users can authenticate using either SiteMinder or Windows domain accounts.  This is actually configured as two separate virtual directories within IIS 6.  Both applications need to use the same instance of SSRS.  Is it possible to configure the SSRS web application so that if a user is authenticated by SiteMinder it impersonates a Windows account, but if they are already Windows-authenticated that account is used instead?


Windows 2008 R2 kerberos authentication

  
Hi i have install windows 200R2 with blackpearl but i have this issue with Kerberos Authentication the same account when using ie8 on the local machine allows me to login while the same credientials using ie7 & ie8 on remote machine will keep prompting for credentials; any advise on this?

SQL Server 2008 Windows Authentication Mode fails for Database Engine, error 18456

  
I installed SQL Server 2008 Developer Edition (10.0.1600.22.080709-1414) on a Windows Vista 32-bit development machine with Windows Authentication Mode only (no SQL Server Authentication).   Since this is a development machine, I saw no need for Mixed Mode when I did the install.  The SQL Server Management Studio allows me to login to Analysis Services, Integration Services, Reporting Services, BUT NOT the Database Engine!Windows Authentication for the Database Engine gives the following error: EventID: 18456Login failed for user MYDOMAIN\MYLOGIN'. Reason: Token-based server access validation failed with an infrastructure error. Check for previous errors. [CLIENT: <local machine>]The 'fix' I have found online is to login as SA in SQL Server Authentication mode & add MYDOMAIN\MYLOGIN as a administrator for the Database Engine.  Unfortunately, I can't since I didn't install SQL Server Authentication mode (only Windows Authentication Mode).  It appears my only recourse is to uninstall, then reinstall in Mixed mode, then to login as SA in SQL Server Authentication mode & add MYDOMAIN\MYLOGIN as a administrator for the Database Engine. Before I do so, does anyone know of a better approach?Scott D Duncan

Login issue using authentication mode="Forms"

  
Hi,I am using authentication mode="Forms" with ldap, i manage to login and logour fine but when user 1 is logged and when user2 logs, user1 gets the user2 session. Any idea why this might be happening? Here is some code:     <authentication mode="Forms">            <forms name="login" loginUrl="Login.aspx" />        </authentication>        <authorization>            <allow roles="auditor"/>            <allow roles="approver"/>            <allow roles="user"/>            <deny users="?"/>        </authorization>        <identity impersonate="true"/>protected Boolean ValidateUser(String strUsername, String strPassword)        {            //Return true if the username and password is valid, false if it isn't             &n

Kerberos Authentication with WCF Client Fault Exception

  
Hello, I am using Kerberos as the Authentication mode for a WCF Client to interact with an ASMX Web Service. I am using customBinding in the WCF Client. I am getting the below mentioned Fault Exception when I invoke the HelloWorld Method by creating a Proxy using SVCUTIL.   System.Web.Services.Protocols.SoapHeaderException: Server unavailable, please try later ---> System.ApplicationException: WSE841: An error occured processing an outgoing fault response. ---> System.Web.Services.Protocols.SoapException: System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> System.InvalidOperationException: WSE914: This instance of derived key token does not support encryption, decryption, or key wrapping. It can only be used to sign or verify signature. Please make sure that the length of the derived key matches the length of the key required by the symmetric encryption algorithm configured for the derived key token manager.    at Microsoft.Web.Services3.Security.Tokens.DerivedKeyToken.Psha1SymmetricKeyAlgorithm.get_EncryptionFormatter()    at Microsoft.Web.Services3.Security.EncryptedData.ResolveDecryptionKey(String algorithmUri, KeyInfo keyInfo)    at Microsoft.Web.Services3.Security.EncryptedData.Decrypt(XmlElement encryptedElement)    at Microsoft.Web.Services3.Security.EncryptedData.Decrypt() &nbs

WCF Kerberos Authentication Custom Binding

  
Hello,I am using Kerberos as the Authentication mode for a WCF Client to interact with an ASMX Web Service. I am using customBinding in the WCF Client. I am getting the below mentioned Fault Exception when I invoke the HelloWorld Method by creating a Proxy using SVCUTIL. `System.Web.Services.Protocols.SoapHeaderException: Server unavailable, please try later ---> System.ApplicationException: WSE841: An error occured processing an outgoing fault response. ---> System.Web.Services.Protocols.SoapException: System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> System.InvalidOperationException: WSE914: This instance of derived key token does not support encryption, decryption, or key wrapping. It can only be used to sign or verify signature. Please make sure that the length of the derived key matches the length of the key required by the symmetric encryption algorithm configured for the derived key token manager.    at Microsoft.Web.Services3.Security.Tokens.DerivedKeyToken.Psha1SymmetricKeyAlgorithm.get_EncryptionFormatter()   at Microsoft.Web.Services3.Security.EncryptedData.ResolveDecryptionKey(String algorithmUri, KeyInfo keyInfo)   at Microsoft.Web.Services3.Security.EncryptedData.Decrypt(XmlElement encryptedElement)   at Microsoft.Web.Services3.Security.EncryptedData.Decrypt()   at Mic

kerberos authentication

  

Hi ALL,

I am new to ASP.Net web application and I need to learn Kerberos authentication urgently. I have gone thorugh the basic mechanism of it but I need a sample project to learn the kerberos authentication. Can anybody please help me in these...

Suppose, a web page containg text boxes for user Id and password..and when the form is submitted, Kerberos authentication is done for that user...a simple web application that uses kerberos authenticatino.

can anybody please help me by providing this type of sample application so that the coding part can be understood. 


mixed mode authentication

  

I'm trying to build the mixed authentication and have the following problem:

I have a sub application of main application. The main application has the forms authentication enabled and sub- application has windows authentication enabled.

When I start debugging in main application I get nothing and when I start debugging from sub application (name = WinLogin) - after string user = Request.ServerVariables["LOGON_USER"];

 

FormsAuthentication.RedirectFromLoginPage(user, true);

I'm redirected to   /Wholesale/WinLogin/Admin/Order.aspx instead of  /Wholesale/Admin/Order..

<authentication mode="Forms">

SQL 2008 - Switching to Windows Authentication Mode

  

I'm thinking of switching to Windows Authentication on my SQL 2008 server.  Here's my first draft at a plan:

1.  Create Windows accounts matching the exiting SQL accounts.
2.  Grant the new Windows accounts the appropriate database permissions.
3.  Change applications to use the new account information.
4.  Remove the SQL accounts
5.  Switch SQL to Windows Authentication

Is is that simple?  Or am I missing something?


Basic Authentication using security mode TransportCredentialOnly

  

i am trying to achieve username/password authentication using Basic as security mode in my config file. i have a requirement to make my service available on HTTP so HTTPS is not an option. The other requirement that i have is that the client should be authenticated (from a database so Windows authentication is not an option) using username and password that he will provide.

following is the code:

A class added in the service project:

public class ServiceValidator : UserNamePasswordValidator
    {
        public override void Validate(string userName, string password)
        {
            // This isn't secure, though!
            if ((userName != "mohsin") || (password != "mohsin"))
            {
                throw new SecurityTokenException("Validation Failed!");
            }
        }
    }

my service.config looks like this

<bind

Sql Server 2008 logs Authentication mode incorrectly avoids remote login

  

Im trying to connect SQL server 2008 Express R2 installed on XP sp3 pc through ODBC SQL Server driver with a Windows 7 PC. I managed to define static IP ports and setup firewall. Now the ODBC connection successfully gets created by accepting uid : sa and my password given.

Now Im getting "login failed for user ". " msg from my application. When I run the same application with same ODBC connection created in the SQL server PC it works fine. The two pcs operate in a workgroup.

Following  is the error log. Im surprised to note that the server logs its in Mixed mode initially and later makes a cry that its in Windows Authentication mode. !!!!

010-07-25 15:19:53.76 Server      Microsoft SQL Server 2008 R2 (RTM) - 10.50.1600.1 (Intel X86)
    Apr  2 2010 15:53:02
    Copyright (c) Microsoft Corporation
    Express Edition with Advanced Services on Windows NT 5.1 <X86> (Build 2600: Service Pack 3, v.3311)

2010-07-25 15:19:53.76 Server      (c) Microsoft Corporation.
2010-07-25 15:19:53.76 Server      All rights reserved.
2010-07-25 15:19:53.76 Server      Server process ID is 3552.
2010-07-25 15:19:53.76 Server      Auth

Mixed mode authentication in sharepint 2010

  

Hi,

Is it possible I have two mixed FBA in sharepiont 2010? For example, one custom membershipprovider reads data from Database1, the other custom membershipprovider reads from Database2?

Thank you

 


Rui

sql authentication mode

  

I wanted my local iis running application to connect my database in sql authentication mode rather than windows mode,

but it is showing errors of "

Cannot open database "aspnetdb" requested by the login. The login failed.
Login failed for user 'DBUser'.

". i also ublocked port from firewall,and allowed remote connection of mssql from sql manager, enabled TCP/IP and named piped protocols from SQL surface config, and with sql manager i also changed server authentication mode to sql from windows.

my datastring is <add connectionString="Data Source=PARTHIV-PC\SQLEXPRESS;Initial Catalog=aspnetdb;User ID=******;Password=******/" name="LocalSqlServer" providerName="System.Data.SqlClient" />

i made a user named DBUser in database as well

i don't understand where it gone wrong ???

here is error log

 Cannot open database "aspnetdb" requested by the login. The login failed.
Login failed for user 'DBUser'.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Data.SqlClient.SqlException: Cannot op

SQL authentication mode

  

I wanted my local iis running application to connect my database in sql authentication mode rather than windows mode,

but it is showing errors of "

Cannot open database "aspnetdb" requested by the login. The login failed.
Login failed for user 'DBUser'.

". i also ublocked port from firewall,and allowed remote connection of mssql from sql manager, enabled TCP/IP and named piped protocols from SQL surface config, and with sql manager i also changed server authentication mode to sql from windows.

my datastring is <add connectionString="Data Source=PARTHIV-PC\SQLEXPRESS;Initial Catalog=aspnetdb;User ID=DBUser;Password=12qwaszx/" name="LocalSqlServer" providerName="System.Data.SqlClient" />

i made a user named DBUser in database as well

i don't understand where it gone wrong ???

error log

 Cannot open database "aspnetdb" requested by the login. The login failed.
Login failed for user 'DBUser'.
Description: An unhandled excepti

Website Windows Authentication fails when enabling SQL Mixed Mode.

  

Hello all,

Just to describe the scenario. I have a website. This lives on a webserver. On that webserver is an SQL server. The website connects to this database using windows authentication. I have written a windows form application that connects to the SQL Server on the webserver. This application is being run from a location on out intranet. The Winform application use SQL authentication to connect to the database. The SQL Server didn't have mix mode authentication enabled. So I enabled it. The winform application could now connect to the SQL Server.

This is where it starts getting a little strange.

The Website that was already connecting find using integrated authentication starts failing with:

Login failed for user 'NT AUTHORITY\NETWORK SERVICE'

When you are enabling mixed mode authentication, you are adding another authentication method, why would the original Windows authentication fail?


Thanks for any suggestions and sorry if this is completely the wrong place to be asking this question,

d3

User mode name \\.\PhysicalDriveX mapping to kernel mode name \Device\HarddiskX\DRX

  

Hi all,

Using WMI api i got the list of all the Hard disk on my system and for each hard disk i got the Device ID which is of format "\\.\PhysicalDriveX" . This Device ID is i believe User mode name for that Hard disk, i wanted to get corresponding Kernel mode name for that Hard disk which is of format "\Device\HarddiskX\DRX". Is it the case that the value X is same for user and kernel mode ? If i have a Hard disk with Device ID "\\.\PhysicalDrive0", is it true that it corresponding kernel name will be "\Device\Harddisk0\DR0" or can it be something else other then 0 ?

 


Categories: 
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend