Skip to main content
Announcements
Join us at Qlik Connect for 3 magical days of learning, networking,and inspiration! REGISTER TODAY and save!
cancel
Showing results for 
Search instead for 
Did you mean: 
elbertfjr22
Partner - Contributor III
Partner - Contributor III

IE 7 Integrated Windows Authentication

Hi Guys,

Anyone out there might have an idea why I'm experiencing this problem; QVS 9 SR2, IIS for the web server, NTFS authorization, IE 7 client browser. When I enable the Integrated Windows Authentication settings in the client browser (IE 7), I'm getting an extra login page when opening an application. Single sign-on is not working. When I disable it, everything is fine.

I have actually 2 QVSs installed. One is the production the other is a UAT. They are on a different subnet. The production server works fine with the Integrated Windows Authentication setting enabled (from client browser). The problem is only on the UAT server. The QVS and IIS configuration are exactly the same on the 2 setups.

Client is on a different subnet than the 2 QVSs.

Thanks a lot for your reply,

5 Replies
elbertfjr22
Partner - Contributor III
Partner - Contributor III
Author

Hi again guys,

Found this new behavior on my problem above:

If I launch Fiddler (to trace whats going on) the problem is not hapening. (It looks like it is avoiding to be traced.) But I sure there is a logical explanation to this.

Thanks again,

Elbert

Bjorn_Wedbratt
Former Employee
Former Employee

Hi Elbert,

Not sure if you checked it, but pay attention to the zone being used in IE and make sure you're in the Local intranet zone the whole time.

Also, when you say different subnet's do you mean different subnets (like 10.1.x.x and 10.2.x.x) or do you mean different sub-domains (like sub1.domain.com, sub2.domain.com)?

Btw, when do you recieve the login page? Is it when accessing Accesspoint, or when clicking on a document?

elbertfjr22
Partner - Contributor III
Partner - Contributor III
Author

Thank you Bjorn,

My reply:

Not sure if you checked it, but pay attention to the zone being used in IE and make sure you're in the Local intranet zone the whole time.

The URLs of my servers are in the Trusted Sites zone.

Also, when you say different subnet's do you mean different subnets (like 10.1.x.x and 10.2.x.x) or do you mean different sub-domains (like sub1.domain.com, sub2.domain.com)?

They are in the same domain, different subnets (like 10.1.x.x and 10.2.x.x)

Btw, when do you recieve the login page? Is it when accessing Accesspoint, or when clicking on a document?

When clicking on a document

Again, many thanks! 🙂

Bjorn_Wedbratt
Former Employee
Former Employee

Try moving the sites to Local Intranet zone. If you want to keep the sites in Trusted sites go Tools|Internet Options. Select Trusted Sites, and then click Custom Level. (you will define how authentication will work for all Trusted Sites). Go to the very bottom of the list of options and select the option to allow automatic logon with the current user name and password.

elbertfjr22
Partner - Contributor III
Partner - Contributor III
Author

Thanks again Bjorn,

I already changed the Custom level settings of the Trusted site to "Automatic Logon with current user name and password". As I mentioned above, the production QVS is not behaving the same way, where both of the URLs are in the Trusted sites.

I suspect some configurations in the routers or firewall or Kerberos. But I cannot pinpoint any area for the infrastructure team to check.

Thanks and regards,

Elbert