Policy Server Guides › Policy Server Configuration Guide › Authentication Schemes › Windows Authentication Schemes › Windows Authentication Scheme Prerequisites
Windows Authentication Scheme Prerequisites
Ensure the following prerequisites are met before configuring a Basic over SSL authentication scheme:
- For legacy WinNT directories or Active Directory in mixed mode:
- The user directory connection you create in the Administrative UI specifies the WinNT namespace.
- The requested resources are located on a Microsoft IIS Web server (4.0 or later) protected by a SiteMinder Web Agent.
- For Active Directories running in native mode:
- User data resides in an Active Directory.
- User directory connections must specify either an LDAP or AD namespace.
- The requested resources are located on a Microsoft IIS Web server (4.0 or later) protected by a SiteMinder Web Agent.
- Client and server accounts are enabled for delegation.
- Users must log in using Internet Explorer Web browsers (4.0 or later).
- To work on IIS6 in Windows 2003, the "Verified that file exists" option in the Wildcard Application Maps must not be set.
- Windows Authentication schemes also require that any virtual directory on the IIS web server that contains the creds.ntc file remain unprotected.
- Internet Explorer browser options are setup to allow automatic logon with a user's current username and password.
To configure automatic logon in Internet Explorer 5.x and 6.x Browsers
- From the menu bar in Internet Explorer, select Tools, Internet Options.
- The Internet Options dialog opens.
- Click the Security tab to bring it to the front.
- Select your Internet zone and click Custom Level.
- The Security Settings dialog opens.
- Scroll down to User Authentication, Logon.
- Select the Automatic logon with current username and password radio button.
- Click OK.
To configure automatic logon in Internet Explorer 4.x Browsers
- From the menu bar in Internet Explorer, select View, Internet Options.
- The Internet Options dialog opens.
- Click the Security tab to bring it to the front.
- Select your Internet zone from the drop down list.
- In the Internet zone group box, select the and click Custom radio button and click Settings.
- The Security Settings dialog opens.
- Scroll down to User Authentication, Logon.
- Select the Automatic logon with current username and password radio button.
- Click OK.