Sign in
Microsoft.com
 
SharePoint Products TechCenter
 
 
 
SharePoint Products TechCenter > SharePoint Products and Technologies Forums > SharePoint - General Question and Answers and Discussion > Pass-through authentication across external trust
Ask a questionAsk a question
Search Forums:
 

QuestionPass-through authentication across external trust

  • Friday, November 06, 2009 1:52 PMcmhnz Users MedalsUsers MedalsUsers MedalsUsers MedalsUsers Medals
     
    Sign In to Vote
    0
    Sign In to Vote
    Hi all,

    We've created an external trust where we are the trusted domain, to allow users in our domain to access a Sharepoint site in the trusting domain.

    We can access the Sharepoint site, but get prompted to enter login credentials each time we open the browser and access the site for the first time.

    I've added the site as an Intranet Zone in IE, and tried adding as a Trusted Site and changed the 'User Authentication' setting to 'Automatic logon with current user name and password' but we still get prompted for login credentials. The status bar in IE confirms that IE realises the site is a Trusted Site or Intranet Zone when set.

    Can anyone confirm what pass-through authentication details are sent to the trusting domain ie. DOMAIN\username and password, or just username and password? If just username and password, is there any way to change this?

    Is there something in Sharepoint that needs configuring when trusting/authenticating users over an external trust?

    Thanks,
    Chris
     

All Replies

  • Monday, November 09, 2009 1:45 AMFabian G Williams Users MedalsUsers MedalsUsers MedalsUsers MedalsUsers Medals
     
    Sign In to Vote
    0
    Sign In to Vote

    So it think the real question here is

    Can anyone confirm what pass-through authentication details are sent to the trusting domain ie. DOMAIN\username and password, or just username and password? If just username and password, is there any way to change this

    So... if you have at a minimum a One-Way Transitive Trust see http://technet.microsoft.com/en-us/library/cc736874(WS.10).aspx for details on Trusts... then you are good to go.  By default it will send Domain\Username accross since the domains are in-fact different.  and if you have your Zones configures which it seems you have everything right. 

    The only thing that i know of that will cause you to experience what you are dealing with is IF you are trying to open a document in a Library on the inside, cause Office will want to authenticate you agian and that is different than the NTLM challange. 

    To test that your Trust is working may i suggest a test.

    See if you can find the user in the People Picker?

     
  • Wednesday, November 11, 2009 9:38 AMcmhnz Users MedalsUsers MedalsUsers MedalsUsers MedalsUsers Medals
     
    Sign In to Vote
    0
    Sign In to Vote
    Thanks for your reply Fabian.

    We've raised a call with Microsoft as we've performed all the tests that we can.  We believe it is something on Sharepoint and since I have no access to Sharepoint (I am in the trusted domain) it is being dealt with by colleagues in the trusting domain.

    Once we have the resolution I'll post it here.