locked
Extranet-Site with SSL - Some users cannot open MS Office documents with Office 2010 RRS feed

  • Question

  • Hi,

    we have an extranet site running on MOSS 2007. It is SSL encrypted and we use integrated windows authentication with NTLM. The checkbox at Basic Authentification is unchecked.

    Some users with MS Office 2010 get this error message: 

    You cannot open Office file types directly from a server that supports only Basic authentication over a non-SSL connection.

    http://support.microsoft.com/kb/2123563/en

    I cannot reproduce this issue on my client having XP and Office 2010 althgough I deactive basic authentification (which is not used anyway from my POV).

    Question:

    Is it possible due to network infrastructure that by some reason Sharepoint falls back to basic authentication although it is unchecked?

    Thanks

    Sven

    Friday, September 14, 2012 7:03 AM

Answers

  • Hello Sven,

    No, if SharePoint is configured to use Windows Authentication (NTLM / Kerberos) + Basic Authentication is unchecked AND if nothing is changed in IIS manually then SharePoint will NOT fall back to basic auth.

    You can use the following command to get the Authentication Provider from IIS web site level.
    cscript adsutil.vbs get w3svc/##/root/NTAuthenticationProviders
    Where ## is the website identifier.

    Also, check if your extranet site extended from an internal site? If so, does that internal site uses Basic Auth? If yes, are there any hardcoded link which may be redirecting the client to internal link instead?


    Please remember to click 'Mark as Answer' on the post that helps you or click 'Unmark as Answer' if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Regards,
    Nishant Shah
    Microsoft Online Community Support



    Wednesday, September 19, 2012 12:07 PM
    Moderator

All replies

  • Hi,

    Thank you for your question. I am trying to involve someone familiar with this topic to further look at this issue. There might be some time delay. Appreciate your patience. Thank you for your understanding and support.

    Thanks,

    Entan Ming

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contacttnmff@microsoft.com.


    Entan Ming

    TechNet Community Support

    Monday, September 17, 2012 7:35 AM
    Moderator
  • Hello Sven,

    No, if SharePoint is configured to use Windows Authentication (NTLM / Kerberos) + Basic Authentication is unchecked AND if nothing is changed in IIS manually then SharePoint will NOT fall back to basic auth.

    You can use the following command to get the Authentication Provider from IIS web site level.
    cscript adsutil.vbs get w3svc/##/root/NTAuthenticationProviders
    Where ## is the website identifier.

    Also, check if your extranet site extended from an internal site? If so, does that internal site uses Basic Auth? If yes, are there any hardcoded link which may be redirecting the client to internal link instead?


    Please remember to click 'Mark as Answer' on the post that helps you or click 'Unmark as Answer' if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Regards,
    Nishant Shah
    Microsoft Online Community Support



    Wednesday, September 19, 2012 12:07 PM
    Moderator