Wednesday, September 11, 2013

IE 10 Prompting for credentials - Windows Authentication

Today I responded to a customer who has an internal intranet. The customer has no issues accessing the intranet page from IE7, IE8, or IE9. However, after upgrading to Internet Explorer 10, users are prompted for a username and password by Windows Authentication, even though the account the user is logged in with has access to the website hosted on Internet Information Services (IIS).

The following screenshot shows the logon authentication prompt presented by Internet Explorer 10 when attempting to access the organisation's internal intranet.


By default, Internet Explorer 10 automatically passes credentials through to all "intranet" pages. For security reasons, it does not pass credentials through to "internet" pages. To see whether Internet Explorer is treating the page as an "intranet" page or an "internet" page, right-click on the page or error message (depending on whether you typed your credentials in or not) and click Properties.


The page properties show which zone the page is currently assigned to. As you see below, Internet Explorer is treating the "intranet" page for this customer as an "internet" page, and hence the user is getting prompted.


One fix for this problem is to go to Internet Options, Internet, Custom Level and set User Authentication --> Logon to "Automatic logon with current user name and password". Whilst this will solve the problem, it causes the credentials of the currently logged-in user to be passed over the Internet, not such a good idea!


A better fix is to add your intranet site, which is currently being treated as an "internet" page, to the Local Intranet zone within Internet Explorer. This can be done by going to Internet Options, Local Intranet, Sites, Advanced.


In the Advanced dialog, add your local intranet page.

 
Problem fixed - Internet Explorer will no longer prompt for Authentication when accessing the local Intranet.
 
Applying fix to all computers
 
Now you want to apply this configuration to all computers on your domain. This can be done with Group Policy, using the "Site to Zone Assignment List" policy setting. This setting is located under:
 
Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Site to Zone Assignment List
 
 
In this policy setting, enter the intranet address you want to add to the Local Intranet zone, as we did manually above, along with a value. The values are represented as follows:

1 = Intranet zone
2 = Trusted Sites zone
3 = Internet zone
4 = Restricted Sites zone

As we want to add the site to the Intranet Zone we enter a value of 1.


After the next Group Policy refresh, workstations will no longer be prompted when attempting to access the intranet page.
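To confirm on a workstation that the Site to Zone Assignment List arrived, and that nobody applied the Internet-zone "automatic logon" workaround mentioned earlier, the following PowerShell audit can be run. It is an added example, not part of the original post; the function names are hypothetical, and it assumes the standard Internet Settings registry locations (`ZoneMapKey` for the policy list, value `1A00` under `Zones\3` for the Internet zone Logon setting).

```powershell
# Added example: audit IE zone mapping and the Internet zone logon mode.
# Zone numbers match the list in this post.
$zoneNames = @{ 1 = 'Intranet'; 2 = 'Trusted Sites'; 3 = 'Internet'; 4 = 'Restricted Sites' }
$logonModes = @{
    0x00000 = 'Automatic logon with current user name and password'
    0x10000 = 'Prompt for user name and password'
    0x20000 = 'Automatic logon only in Intranet zone'
    0x30000 = 'Anonymous logon'
}

function Get-SiteToZoneList {
    # The policy is stored as one string value per site: name = site, data = zone number.
    foreach ($hive in 'HKLM:', 'HKCU:') {
        $key = "$hive\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapKey"
        if (-not (Test-Path $key)) { continue }
        $item = Get-Item $key
        foreach ($site in $item.GetValueNames()) {
            $zone = 0
            [void][int]::TryParse([string]$item.GetValue($site), [ref]$zone)
            [pscustomobject]@{
                Hive = $hive; Site = $site; Zone = $zone
                ZoneName = if ($zoneNames.ContainsKey($zone)) { $zoneNames[$zone] } else { 'INVALID' }
            }
        }
    }
}

function Get-InternetZoneLogon {
    # Check policy and preference keys in both hives for the Internet zone (3).
    foreach ($root in 'HKLM:\Software\Policies', 'HKCU:\Software\Policies', 'HKLM:\Software', 'HKCU:\Software') {
        $key = "$root\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3"
        $raw = (Get-ItemProperty -Path $key -Name '1A00' -ErrorAction SilentlyContinue).'1A00'
        if ($null -eq $raw) { continue }
        $mode = [int]$raw
        [pscustomobject]@{
            Key   = $key
            Logon = if ($logonModes.ContainsKey($mode)) { $logonModes[$mode] } else { 'Unknown (0x{0:X})' -f $mode }
            Risky = ($mode -eq 0)   # current user's credentials offered to Internet-zone sites
        }
    }
}

Get-SiteToZoneList    | Format-Table -AutoSize
Get-InternetZoneLogon | Format-Table -AutoSize
```

An entry with `ZoneName` of `INVALID` means the policy value is not 1 to 4; a row with `Risky` set to `True` means the Internet zone is configured to log on automatically and should be reverted.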

Hope this blog post has been helpful for people experiencing the same problem.

47 comments:

  1. Is there a way that I can add sites and still leave end user the ability to add their own sites. When I tried this it locked the settings down for the end users.

    Replies
    1. http://www.grouppolicy.biz/2012/07/how-to-configuring-ie-site-zone-mapping-using-group-policy-without-locking-out-the-user/

  2. thank you for this advice
    it worked!

  3. thank you, too.
    Same problem and the solution works for me!

  4. Andrew you would need to create a script to add the sites to ensure policy does not take over end user control.

  5. You can add the entries as registry entries in a GPO.
    - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\security_mmc.exe; Intranet=1, Internet=2
    - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ESCDomains\security_mmc.exe; Intranet=1, Internet=2

  6. Thanks. It worked.

  7. Is this different for IE11? I cannot get it to work

  8. I had the same problem, and when I turned the firewall off the problem was solved, turning it off shouldn't be the solution and yet it's a temporary solution until we know how to configure it.

  9. It is a nice blog. It has provided me with all the information which is required to correct the intranet. Thanks for sharing the valuable knowledge.

  10. I'm assuming this will fix one of our user's access troubles. She has IE 10, and it works fine for everyone on IE 9 and IE 11 (as far as I know). We may roll out the specific site through group policy. Thanks for the idea!

    Replies
    1. It did fix her problem! (P.S. It would be nice if this article would be updated for IE 11 and whether it applies.)

  11. I rolled this out as a group policy domain-wide, but one user is still being prompted for credentials in IE and is getting flat out denied in Chrome. This is just one user. His internet settings do show that they are maintained by the group policy and the site is located in the intranet zone. Strange how it works for everybody but him.

    Replies
    1. For Chrome, you may try editing the registry under HKEY_LOCAL_MACHINE | SOFTWARE | Policies. Under Policies, create a key called Google and then a key under Google called Chrome and then a string for Chrome called AuthNegotiateDelegateWhitelist. So the full item will be HKEY_LOCAL_MACHINE | SOFTWARE | Policies | Google | Chrome with a REG_SZ (string) object under Chrome. Set the value of the string to your site. Note: some users report this makes Chrome unstable, so only try this as a last resort.

  12. Thank you very much for this. I would like to add that in my case, sites that had been added in the old Internet Explorer Maintenance settings needed to be removed for this to take effect.

  15. I have an issue where a single intranet site prompts for credentials, but only over DirectAccess; LAN is fine. It started after we changed the site to an FQDN. After research we discovered that it's profile related and is resolved by deleting the profile. I'm looking for a registry or file location that may be causing this. Any suggestions?
