This content has been marked as final. Show 3 replies
If your users are using Microsoft Browsers on Microsoft Desktops
connecting to a Microsoft Server, you can configure the web site in IIS
to use 'Integrated Windows Security'. Make sure you enable Integrated
Security and disable Anonymous Security. If all these parameters are
met then the web server will populate the cgi.auth_user with the user
name the user used to log into the domain from the desktop. You can
access this in ColdFusion with #cgi.auth_user#.
Thank you for your help- yes, all the above is true, and I have one question about the settings. The Website lives on another box separate from the Win2003 server, if that is an issue.
I don't want to bring the Website down because of a mistake editing the settings...
In IIS- I go the Websites/default Website /properties/directory security/ authentication and access control/ authentication methods - uncheck enable anonymous access and choose Integrated Windows Authentication?
This looks like I'm going to require a UN & PW for access to the entire Website- should I be doing this just to the directory in which the app itself lives?
Thanks again for your help.
I think the fact that the Active Directory resides on the Domain controller (named DC1) will be an issue.
The #cgi.auth_user# works on my local IIS/CF development environment because I'm logged into my local machine, but not when its on the production server, which would need to get through a firewall to see DC1.
Any possibility of still avoiding a second log-in?