Publishing Sharepoint 2010 with claims based auth RRS feed

  • Question

  • I have a customer with a strange scenario.  They had SharePoint 2010 with claims based windows auth setup and working fine for internal users.  I configured UAG to publish SharePoint, and had them add the associated AAM rules and IIS host headers to SharePoint to handle the fact it was https on external side but http on internal side.  SharePoint working fine thru UAG.   Then we noticed a strange phenomenon.  If user had a working session to sharepoint going thru UAG and then opened another session internally, the one thru UAG started throwing permissions errors saying UAG couldn't authenticate to SharePoint.  Same was true on the reverse and user got continual 401 prompts from internal client even though we knew the credentials being entered were correct.   I also noticed in the SharePoint IIS log the ones that worked (whether thru UAG or internal) has user name claims encoded like i:0#.w|domain\user, whereas the ones that failed just said domain\user.   Any idea why this would happen?  Is there something about sharepoint where it cares that a user has multiple sessions from different sources that use different AAM rules? 


    Tuesday, May 21, 2013 10:07 PM