none
SharePoint 2007 Kerberos / NTLM remote access question

    Question

  • Hi,

    I have setup a SP2007 site that uses Kerberos authentication and everything works great internally. When a user trys to access it remotely, they get a "Internet Explorer cannot display the webpage" page. We can fix this by going to IE's Internet options -> Security and then either

    -Local Intranet -> Custom Level -> User Authentication - Logon -> and select "Prompt for user name and Password"

    or

    - Trusted sites - > Sites -> Advanced -> and then add "https:/www.microsoft.com" and then Close and Custom Level -> User Authentication - Logon -> and select "Prompt for user name and Password"

    Both of these will then prompt the remote user for a username and password (using NTLM). BUT if they later try and access the site using our intranet they are again prompted for username and password instead of using Kerberos. This is an issue because it prompts for a username for every MS office file on SP they try to access.

    Is there any way to use Group Policy and have one policy while on the intranet and another when not on the intranet? Or is there a better way? Any help or suggestions would be appreciated!

    Thursday, February 02, 2012 6:39 PM

All replies