The other day I was helping a client setup their fax environment and ran into an interesting issue. The server that we installed the software was windows 2008 R2 and the core software went great. There is a web client that they also wanted to have installed so I kicked off the install and everything appeared to install as well. In 2003, it would automatically enable windows authentication by default. This would allow users to automatically login to the web applications if their account exists in windows.
Well, in windows 2008, the application does not do this. Instead, you need to set this up manually. In earlier versions of windows, windows authentication is added as a feature automatically. In windows 2008, it is an installable module. I had to go into the IIS roles and check windows authentication. Once this was done, it required a restart of the IIS services. I then went into the website instance and enabled windows authentication. Once done, the web application worked as expected.
I wonder why this option is no longer installed automatically by windows. I understand that Microsoft is continually trying to make IIS more secure, but I’m not entirely sure that this was a good move. By default, website instances are setup as anonymous access and you need to allow other authentication methods. If anonymous access and another authentication method is checked, the website breaks. Therefore, I just don’t understand why windows authentication is not installed as a default installation.
March 6th, 2010 at 9:59 am
Microsoft Windows Server 2008 R2 is the most advanced Windows Server operating system yet, designed to power the next-generation of networks, applications.