Greetings. I am the webmaster for a site where I have limited access to the server I work on (I have to VPN into a fixed location in order to make changes). This is a Windows server running IIS, but I don't know which version for certain.
On the site I work on there are two main directories. One is open to everyone, the other is used as a password protected area. I have received a few emails from people who are supposed to be set up for the password protected areas of the site who report getting multiple login prompts when trying to access portions of the site.
Without having access to their computer, what can I do to determine what could be causing the problem? I am not familiar with all of the aspects of Windows security.
Given my description above (hopefully it makes sense), are any of the following possibilities?
- user requires updates to OS and/or web browser (e.g. Windows updates)
- user's authentication set up incorrectly on server
I have noticed that some of the people that visit parts of the website (based on logging) use an HTTP Authorization of "NTLM" and others use "Negotiate". What is the difference in these? Could this be another symptom of the problem?
I hope I wasn't too vague in my description of the problem. Any help with this will be appreciated.
Thanks in advance.
On the site I work on there are two main directories. One is open to everyone, the other is used as a password protected area. I have received a few emails from people who are supposed to be set up for the password protected areas of the site who report getting multiple login prompts when trying to access portions of the site.
Without having access to their computer, what can I do to determine what could be causing the problem? I am not familiar with all of the aspects of Windows security.
Given my description above (hopefully it makes sense), are any of the following possibilities?
- user requires updates to OS and/or web browser (e.g. Windows updates)
- user's authentication set up incorrectly on server
I have noticed that some of the people that visit parts of the website (based on logging) use an HTTP Authorization of "NTLM" and others use "Negotiate". What is the difference in these? Could this be another symptom of the problem?
I hope I wasn't too vague in my description of the problem. Any help with this will be appreciated.
Thanks in advance.