locked
Windows user failed to authenticate on Web Server RRS feed

  • Question

  • Hi,

    I have three tier deployment for sharepoint and I am using claim based authentication.

    When I tried to login to SharePoint using windows authentication on web server it's saying unauthroize.

    But same thing when I tried from application server it's working fine.

    I have add the domain user as farm administrator and has full control

    Don't know what's happing wrong with it.

    Thanks,

    Pramod

    Thursday, March 15, 2012 6:00 AM

Answers

All replies

  • Hi Pramod,

    If you got as the following error:
    ProtocolError occured trying to complete the request. The server returned a status code of : ProxyAuthenticationRequired and the status description is : "Proxy Authentication Required ( Forefront TMG requires authorization to fulfill the request. Access to the Web Proxy filter is denied. )"

    Solutions:

    There are two things you can do, but maybe just one will work. In my case, solution 2 was in the end the only solution after testing and investigating half a day.

    Solution 1

    1. Navigate to the virtual directory of the SharePoint site, like: C:\inetpub\wwwroot\wss\VirtualDirectories\yoursitename

    2. In the root you will find the file web.config. Edit this file and search for the line with <system.net>. Now copy and paste the following lines and make sure you change the value proxyaddress to the address of your own proxy server:

    <system.net>
        <defaultProxy enabled="true" useDefaultCredentials="true">
            <proxy bypassonlocal="true" proxyaddress=http://10.1.2.3:80 />
        </defaultProxy>
    </system.net>
    3. Save the file and restart IIS. To reset IIS, click Start > All Programs > Accessories > right-click Command Prompt, select Run as administrator, type in iisreset, and press ENTER.

    Solution 2

    Configure ISA/TMG to allow unauthenticated traffic to the Internet. Just add a rule which allows the SharePoint frontend server to navigate to the Internet (network External) over port 80.  Rule settings:

    Action: Allow

    Protocols: HTTP (80)

    From / Listener: hostname of your frontend server

    To: External (Internet)

    For more information, please refer to the following link(SharePoint 2010):
    http://blog.henryong.com/2011/08/18/sharepoint-2010-converting-from-classic-to-claims-authentication-lessons-learned/

    Thanks,
    Lhan Han

    Monday, March 26, 2012 9:11 AM
    Moderator
  • Hi Lhan,

    I got the solution and windows authenticaion is working now.

    I refer following KB which suggest to change some registry value.

    http://support.microsoft.com/kb/926642/

    Thanks,

    Pramod

    • Marked as answer by Pramod S Monday, March 26, 2012 2:13 PM
    Monday, March 26, 2012 2:13 PM