none
SharePoint 2013 Host named Site Collections. How avoid sign in multiples times?

    Question

  • Hi,

    I have the requirement to use subdomains, and i will use SharePoint 2013 Host named Site Collections. I have one site collection, for example: http://contoso.com, and the second will be create like a host named site collection as http://abc.contoso.com

    I have no problem at creating host named collections, but user logged credentials is not "shared". I mean, I logged in http://contoso.com, and after that i redirect to http://abc.contoso.com (for example purpose), and in this site I have prompt  to login another time.

    I have tried in Claims based authentication, using Window Authentication and NTLM, and in another case i have tried also with custom login page.

    Some powershell code to create host named site collection:

    $SiteUrl = "http://abc.contoso"
    $SiteTemplate = "STS#0"
    Write-Host "Creating new site at" $SiteUrl 
    $NewSite=New-SPSite $SiteUrl -HostHeaderWebApplication (Get-SPWebApplication "XXX") -Name 'XXX' -Description 'XXX Description' -OwnerAlias 'domain\user' -language 3082 -Template $SiteTemplate

    I need to authenticate only one time. Any clues?

    I have tried this with no luck: https://serverfault.com/questions/274692/single-sign-on-sharepoint-to-web-app

    I have seen than session (configured SQL Server Session) is different (i have saved something in session and it was not"shared" between contoso and abc.contoso)

    Thank you in advance


    • Edited by Nigiro Thursday, April 27, 2017 7:04 AM
    Thursday, April 27, 2017 7:03 AM

All replies

  • Hi Nigiro,

    For your issue, set ‘Automatic logon with current user name and password in Local intranet zone and Trusted sites of IE:

    Internet options->Security->Local intranet/Trust sites->Custom level->choose "Automatic logon with current user name and password" in Local intranet zone and Trusted sites:

    Best Regards,

    Lisa Chen


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    • Proposed as answer by Bilel Marouen Friday, April 28, 2017 8:21 AM
    Friday, April 28, 2017 8:00 AM
    Moderator
  • Never set Trusted Sites to 'automatic login'; this is a potential security risk. Use the Intranet Zone instead and add *.domain.com or the specific FQDNs to the Intranet Zone list.

    Trevor Seward

    Office Servers and Services MVP



    Author, Deploying SharePoint 2016

    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

    Friday, April 28, 2017 6:52 PM
    Moderator
  • Hi Nigiro,

    Is there something update?

    Please remember to mark the reply as an answer if it helps.

    Have a nice day!

    Best Regards,

    Lisa Chen


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Friday, May 5, 2017 11:19 AM
    Moderator
  • Hello Nigiro,

    You should add the site *.contoso.com to the local Intranet in the Internet explorer. 

    1. Go to Internet Options> Security> Local Intranet > Sites > Advanced

    2. Enter *.contoso.com in the box and select "add".

    3. Click close and OK to save the settings

    4. Close all browser windows and start afresh

    Hope this helps. 

    Dont forget to mark an answer if this helps. 


    


    Faisal

    Friday, May 5, 2017 1:33 PM
  • Thank you!

    The problem i have is a real internet site, and the requeriment needs to provide another public site (hosted name site collection). Due to this I can´t use Internet Explorer modifications and so... and they want to prevent login another time.


    • Edited by Nigiro Friday, May 19, 2017 9:37 AM
    Friday, May 19, 2017 9:36 AM