RE: [ActiveDir] Enable Windows Integrated Authentication through GPO

[Ulf B. Simon-Weidner]

The IIS site must be set up to allow windows integrated authentication and not to allow anonymous access. By default the IE Security Zone “Local Intranet” is enabled to allow Integrated Authentication (while Trusted Sites does not), if you haven’t changed that you can configure the systems in question to be within the local intranet zone.   I don’t know if you are able to change IEs settings per GPO, propably only if you created an ADM yourself, but you may be able to change it with IEAK. But that shouldn’t be necessary if you use the correct security zones, and I’d recommend not enabling it for “Trusted Sites” or other Zones which are outside your DMZ.   Gruesse - Sincerely, Ulf B. Simon-Weidner   MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz   Weblog: http://msmvps.org/UlfBSimonWeidner   Website: http://www.windowsserverfaq.org   Profile:   http://mvp.support.microsoft.com/profile="">    From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Tuesday, January 03, 2006 8:26 PM To: [EMAIL PROTECTED]; ActiveDir@mail.activedir.org Subject: [ActiveDir] Enable Windows Integrated Authentication through GPO   How does someone enable Windows Integrated Authentication  through a Group Policy.  You will find this on the Advanced tab of Internet Options.     Justin A. Salandra MCSE Windows 2000 & 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]