Hello, I do want to start off by saying this is completely out of my area as I've never really worked with any ASP.net sites and hosting off IIS is also new to me. The site we currently have deployed is c#.net and was written back in 2005-2007, I have never used c# to create any ASP.net sites however I was going to start learning it but it seems that now it is more apparent to use MVC instead of webforms. The question I have regarding this area is that our site uses windows authentication and Active Directory to authenticate users and is also hosted locally and not public facing so we have no login. As of 2 or 3 weeks ago it randomly (we have no idea of any events that would have caused this and we are sure there was no change to any of the script) started not working in chrome for 90% of the people and for the other 10% it "worked" if you tried to update a status or a ticket chrome would pop up an alert box with a username and password blank asking for username and password. For 10% of people that will work and authenticate but for the other 90% it never actually lets them authenticate. It seems to work fine in internet explorer and we haven't tested in firefox yet. Does this sound like something that was caused from a chrome update or maybe an update to IIS? It has worked without a problem for at least 7 years no problem and then it just stopped functioning properly. Can anyone shed some light on this situation.

Looking at the results from rproffitt's query, the tenth one down seems promising: Windows Authentication with Chrome and IIS.

In summary, check that 'NTLM' appears before 'Negotiate' in the list of Windows authentication providers for your site. Open IIS manager and navigate to your site > IIS > Authentication > Windows Authentication, and then select 'providers...' from the Action panel.

Is this still something supported in IIS 6.0? Unfortunately since this site was written the server hasn't been changed and is still running IIS 6 and yes it is also running 2003 (I know it's no longer supported and risky). We are working on getting a new 2012 server setup for this site but we are not sure how migrating it over will be since we don't have much of the decomplied source code which in tern means any small problems popping up with a new version of IIS or SQL as well as addressing any previous errors becomes extremely difficult for us. We've tried recompling parts of the source we do have but none of it recomplies as any VS compilers we use spit out tons of errors. Assuming we don't end up getting this fixed I believe our next option is write a new site for the new server. The only reason we haven't done that from the start is because of how little time we have to work on projects such as this but we will probably end up having to make time and get one working as soon as possible.

Edited 11 Months Ago by toxicandy

@toxicandy.

I've lost count of how many company internal web sites fault like this only to discover the developer is long gone. The usual is to find what works then issue a company process guide that tells the users to use IE, Firefox or what works.

Sometimes the company just does that and doesn't migrate for another decade.

That said, over the years I've taken pain and time to document "How to build" the apps I've deployed over the years. You can imagine that after a decade even I won't remember such detail and sometimes I read my now ancient "How to build and deploy" document and wonder who wrote it. Then I remember and go "Oh, that was me."

It's funny reading what you wrote as it is almost as though you're watching our company, google chrome stopped working with the site so my boss sent out a "work around" and just asked people to use internet explorer instead as it should work. I am still fairly new programming as I am a sophomore in computer engineering, I have a good amount of languages down at a basic level but so far none of my classes have really gone into any in depth concepts. Though I "know" C# the whole integration with ASP still looked sort of overwhelming when I first started programming. Watching a few videos on MVC stilled looking a little different then the programming I am used to but I need to learn it sometime so I will probably be trying to pick it up over the next few weeks.

I also know the feeling about looking back at old work, it's always interesting for me to look back after a year or so at past work and see just how it can be improved and deploy a whole new style of programming to it.

IIS 6 appears to use Negotiate/NTLM by default. If you want to disable Negotiate then I would try setting the NTAuthenticationProviders property in the metabase to "NTLM", instead of "Negotiate/NTLM" or undefined. I couldn't see this as an option within IIS 6 manager so I guess you'll need to use an admin script.

The following article details how to enable Negotiate/NTLM on IIS 6, but hope it provides enough clues for disabling it too: http://support.microsoft.com/en-us/kb/215383

Further reading: Integrated Windows Authentication (IIS 6.0)

Edited 11 Months Ago by LaxLoafer: Broken link.

This article has been dead for over six months. Start a new discussion instead.