With the release of ‘TS1110787 – Passing Win Auth Login on Web Client’ users will encounter an issue with enabling their environment properly. The following steps are required to correctly use Windows authentication. Instructions below are for Windows 2008, Windows 2008 R2 and Windows 2003
Steps to enable Windows Auth in Windows 2008 (IIS7)
1. Open Server Manager in Windows 2008, expand Roles, select Add Role Service upon r-clicking on Web Server (IIS). Then press install after checking Windows Authentication role.
And
2. While still in Server Manager, expand Web Server (IIS), click on IIS Manager, and navigate through to MachineName>Sites>Default Web Site>AutodeskDM. Select Services and Dbl-click on Authentication feature under the IIS section.
NOTE: Services is the only tree node that would need Windows Authentication enabled. It is not necessary to enable WinAuth on Default Web Site or AutodeskDM directories.
3. Ensure Windows Authentication is Enabled; right-click and select Enable if otherwise.
4. For Windows 2008 R2 set the required authentication mechanism on NTLM or Negotiate as shown with the next two pictures:
If one is missing click “Available Providers” select the provider and click Add
Ensure that they are listed in this Order:-
- 1. Negotiate
- 2. NTLM
If you have installed the “IIS Management Scripts and Tools” role in IIS, an alternative step 4, for setting the UI as shown in the above two screenshots, open a CMD prompt and execute the following commands (no quotes); if your website is other than ‘Default Web Site’, make the substitution prior to running each command:
A) “C:\Windows\System32\inetsrv\appcmd.exe set config "Default Web Site/AutodeskDM/Services" -section:system.webServer/security/authentication/windowsAuthentication /+"providers.[value='Negotiate']" /commit:apphost”
B) “C:\Windows\System32\inetsrv\appcmd.exe set config "Default Web Site/AutodeskDM/Services" -section:system.webServer/security/authentication/windowsAuthentication /+"providers.[value='NTLM']" /commit:apphost”
5. In Internet Explorer, set web browser security settings to automatic logon with current user name and password
Windows Server 2003 (IIS6)
1. Right-click on the WinAuth folder under AutodeskDM\Services inside of IIS and select Properties. Choose the Directory Security tab and click Edit under Authentication and Access Control.
2. Ensure that only Integrated Windows Authentication is enabled.
3. Using Notepad, Open file C:\Program Files (x86)\Autodesk\ADMS Professional 2011\Server\Web\Services\WinAuth\web.config **Drop the (x86) if using 32 bit**
4. Change <identity impersonate="true"/> to <identity impersonate="false"/>
5. Save the file, then Close notepad.
6. Select the Application pool used by the AutodeskDM website, Right-Click and select Properties.
7. Increase the time the worker process will recycle (Suggested value of 17400).
8. Stop IIS . [using command iiisreset /stop]
9. Delete the folder: C:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\autodeskdm_services
10. Starts IIS. [using command iiisreset /start]
Subscribe
Comments