{"id":257,"date":"2011-09-13T14:22:46","date_gmt":"2011-09-13T19:22:46","guid":{"rendered":"http:\/\/laurinkeithdavis.com\/wordpress\/?p=257"},"modified":"2011-09-13T14:22:59","modified_gmt":"2011-09-13T19:22:59","slug":"iis-security-versus-keith-davis-i-win-iis-security-security-part-deux","status":"publish","type":"post","link":"https:\/\/laurinkeithdavis.com\/wordpress\/iis-security-versus-keith-davis-i-win-iis-security-security-part-deux\/","title":{"rendered":"IIS Security versus Keith Davis = I Win (IIS Security &#038; Security Part Deux)"},"content":{"rendered":"<p>Well, if I&#8217;m going to complain, then I ought to share the solution when I find one&#8230;and I did. It involves:<\/p>\n<ul>\n<li>Delegation<\/li>\n<li>SPN<\/li>\n<li>FQDN<\/li>\n<li>Integrated Windows Authentication<\/li>\n<\/ul>\n<p>Really, it was easy to fix once I figured it out. The primary component in our configuration that may not common is that we use Windows Authentication exclusively, so that last part was easy. I did have Digest Authentication enabled, and that cannot be, but it was no big deal to turn it off.<\/p>\n<p>Then what I had to do was <a href=\"http:\/\/technet.microsoft.com\/en-us\/library\/cc738491(WS.10).aspx\" target=\"_blank\">enable Delegation <\/a>for the web server in Active Directory. Next,\u00a0I <a href=\"http:\/\/msdn.microsoft.com\/en-us\/library\/ms191153.aspx\" target=\"_blank\">registered the SPN<\/a> for the web server.\u00a0 This part is not necessary if you use the actual host name to access your web server (ex. app01.pridedallas.com), but we do not, we use intranet.pridedallas.com. Finally, and this is more of a process issue, you MUST use the FQDN. So, on our Intranet, I changed our home page in AD to <a href=\"http:\/\/intranet.pridedallas.com\">http:\/\/intranet.pridedallas.com<\/a>, and added code to our site that redirects all users to the FQDN if they get there otherwise.<\/p>\n<p>Consequently, I found that <a href=\"http:\/\/www.visualcron.com\/\" target=\"_blank\">VisualCron<\/a> does not like that forced redirection. Had to modify all of our HTTP jobs&#8230;.there were a lot.<\/p>\n<p>And whala! It worked. Thank God. I can put the AK back in the box&#8230;.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Well, if I&#8217;m going to complain, then I ought to share the solution when I find one&#8230;and I did. It involves: Delegation SPN FQDN Integrated Windows Authentication Really, it was easy to fix once I figured it out. The primary component in our configuration that may not common is that we use Windows Authentication exclusively, &#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[3,15],"tags":[],"class_list":["post-257","post","type-post","status-publish","format-standard","hentry","category-blog","category-development"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>IIS Security versus Keith Davis = I Win (IIS Security &amp; Security Part Deux) - Laurin Keith Davis<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/laurinkeithdavis.com\/wordpress\/iis-security-versus-keith-davis-i-win-iis-security-security-part-deux\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"laurin1\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/iis-security-versus-keith-davis-i-win-iis-security-security-part-deux\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/iis-security-versus-keith-davis-i-win-iis-security-security-part-deux\\\/\"},\"author\":{\"name\":\"laurin1\",\"@id\":\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/#\\\/schema\\\/person\\\/1861bcbaef0e308b3d8425e1c31d5a2b\"},\"headline\":\"IIS Security versus Keith Davis = I Win (IIS Security &#038; Security Part Deux)\",\"datePublished\":\"2011-09-13T19:22:46+00:00\",\"dateModified\":\"2011-09-13T19:22:59+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/iis-security-versus-keith-davis-i-win-iis-security-security-part-deux\\\/\"},\"wordCount\":236,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/#\\\/schema\\\/person\\\/fbc4e40a1986326ceb08f5f29f53ff79\"},\"articleSection\":[\"Blog\",\"Development\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/iis-security-versus-keith-davis-i-win-iis-security-security-part-deux\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/iis-security-versus-keith-davis-i-win-iis-security-security-part-deux\\\/\",\"url\":\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/iis-security-versus-keith-davis-i-win-iis-security-security-part-deux\\\/\",\"name\":\"IIS Security versus Keith Davis = I Win (IIS Security & Security Part Deux) - Laurin Keith Davis\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/#website\"},\"datePublished\":\"2011-09-13T19:22:46+00:00\",\"dateModified\":\"2011-09-13T19:22:59+00:00\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/iis-security-versus-keith-davis-i-win-iis-security-security-part-deux\\\/\"]}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/#website\",\"url\":\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/\",\"name\":\"Laurin Keith Davis\",\"description\":\"What we have here, is a failure to communicate...\",\"publisher\":{\"@id\":\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/#\\\/schema\\\/person\\\/fbc4e40a1986326ceb08f5f29f53ff79\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/#\\\/schema\\\/person\\\/fbc4e40a1986326ceb08f5f29f53ff79\",\"name\":\"Keith\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/wp-content\\\/uploads\\\/2012\\\/05\\\/2012-04-04-001.jpg\",\"url\":\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/wp-content\\\/uploads\\\/2012\\\/05\\\/2012-04-04-001.jpg\",\"contentUrl\":\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/wp-content\\\/uploads\\\/2012\\\/05\\\/2012-04-04-001.jpg\",\"width\":640,\"height\":640,\"caption\":\"Keith\"},\"logo\":{\"@id\":\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/wp-content\\\/uploads\\\/2012\\\/05\\\/2012-04-04-001.jpg\"},\"sameAs\":[\"http:\\\/\\\/www.facebook.com\\\/laurin1\",\"https:\\\/\\\/www.facebook.com\\\/laurin1\",\"https:\\\/\\\/www.instagram.com\\\/laurinkeithdavis\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/laurin1\",\"https:\\\/\\\/x.com\\\/https:\\\/\\\/twitter.com\\\/laurindavis\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/#\\\/schema\\\/person\\\/1861bcbaef0e308b3d8425e1c31d5a2b\",\"name\":\"laurin1\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f22d2ca8275d0ed003a18f070dd397b82ba1ad35ed38742c6410652a9a521c69?s=96&d=mm&r=pg\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f22d2ca8275d0ed003a18f070dd397b82ba1ad35ed38742c6410652a9a521c69?s=96&d=mm&r=pg\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f22d2ca8275d0ed003a18f070dd397b82ba1ad35ed38742c6410652a9a521c69?s=96&d=mm&r=pg\",\"caption\":\"laurin1\"},\"url\":\"https:\\\/\\\/laurinkeithdavis.com\\\/wordpress\\\/author\\\/laurin1\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"IIS Security versus Keith Davis = I Win (IIS Security & Security Part Deux) - Laurin Keith Davis","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/laurinkeithdavis.com\/wordpress\/iis-security-versus-keith-davis-i-win-iis-security-security-part-deux\/","twitter_misc":{"Written by":"laurin1","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/laurinkeithdavis.com\/wordpress\/iis-security-versus-keith-davis-i-win-iis-security-security-part-deux\/#article","isPartOf":{"@id":"https:\/\/laurinkeithdavis.com\/wordpress\/iis-security-versus-keith-davis-i-win-iis-security-security-part-deux\/"},"author":{"name":"laurin1","@id":"https:\/\/laurinkeithdavis.com\/wordpress\/#\/schema\/person\/1861bcbaef0e308b3d8425e1c31d5a2b"},"headline":"IIS Security versus Keith Davis = I Win (IIS Security &#038; Security Part Deux)","datePublished":"2011-09-13T19:22:46+00:00","dateModified":"2011-09-13T19:22:59+00:00","mainEntityOfPage":{"@id":"https:\/\/laurinkeithdavis.com\/wordpress\/iis-security-versus-keith-davis-i-win-iis-security-security-part-deux\/"},"wordCount":236,"commentCount":0,"publisher":{"@id":"https:\/\/laurinkeithdavis.com\/wordpress\/#\/schema\/person\/fbc4e40a1986326ceb08f5f29f53ff79"},"articleSection":["Blog","Development"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/laurinkeithdavis.com\/wordpress\/iis-security-versus-keith-davis-i-win-iis-security-security-part-deux\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/laurinkeithdavis.com\/wordpress\/iis-security-versus-keith-davis-i-win-iis-security-security-part-deux\/","url":"https:\/\/laurinkeithdavis.com\/wordpress\/iis-security-versus-keith-davis-i-win-iis-security-security-part-deux\/","name":"IIS Security versus Keith Davis = I Win (IIS Security & Security Part Deux) - Laurin Keith Davis","isPartOf":{"@id":"https:\/\/laurinkeithdavis.com\/wordpress\/#website"},"datePublished":"2011-09-13T19:22:46+00:00","dateModified":"2011-09-13T19:22:59+00:00","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/laurinkeithdavis.com\/wordpress\/iis-security-versus-keith-davis-i-win-iis-security-security-part-deux\/"]}]},{"@type":"WebSite","@id":"https:\/\/laurinkeithdavis.com\/wordpress\/#website","url":"https:\/\/laurinkeithdavis.com\/wordpress\/","name":"Laurin Keith Davis","description":"What we have here, is a failure to communicate...","publisher":{"@id":"https:\/\/laurinkeithdavis.com\/wordpress\/#\/schema\/person\/fbc4e40a1986326ceb08f5f29f53ff79"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/laurinkeithdavis.com\/wordpress\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/laurinkeithdavis.com\/wordpress\/#\/schema\/person\/fbc4e40a1986326ceb08f5f29f53ff79","name":"Keith","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/laurinkeithdavis.com\/wordpress\/wp-content\/uploads\/2012\/05\/2012-04-04-001.jpg","url":"https:\/\/laurinkeithdavis.com\/wordpress\/wp-content\/uploads\/2012\/05\/2012-04-04-001.jpg","contentUrl":"https:\/\/laurinkeithdavis.com\/wordpress\/wp-content\/uploads\/2012\/05\/2012-04-04-001.jpg","width":640,"height":640,"caption":"Keith"},"logo":{"@id":"https:\/\/laurinkeithdavis.com\/wordpress\/wp-content\/uploads\/2012\/05\/2012-04-04-001.jpg"},"sameAs":["http:\/\/www.facebook.com\/laurin1","https:\/\/www.facebook.com\/laurin1","https:\/\/www.instagram.com\/laurinkeithdavis","https:\/\/www.linkedin.com\/in\/laurin1","https:\/\/x.com\/https:\/\/twitter.com\/laurindavis"]},{"@type":"Person","@id":"https:\/\/laurinkeithdavis.com\/wordpress\/#\/schema\/person\/1861bcbaef0e308b3d8425e1c31d5a2b","name":"laurin1","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f22d2ca8275d0ed003a18f070dd397b82ba1ad35ed38742c6410652a9a521c69?s=96&d=mm&r=pg","url":"https:\/\/secure.gravatar.com\/avatar\/f22d2ca8275d0ed003a18f070dd397b82ba1ad35ed38742c6410652a9a521c69?s=96&d=mm&r=pg","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f22d2ca8275d0ed003a18f070dd397b82ba1ad35ed38742c6410652a9a521c69?s=96&d=mm&r=pg","caption":"laurin1"},"url":"https:\/\/laurinkeithdavis.com\/wordpress\/author\/laurin1\/"}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p16SmA-49","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/laurinkeithdavis.com\/wordpress\/wp-json\/wp\/v2\/posts\/257","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/laurinkeithdavis.com\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/laurinkeithdavis.com\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/laurinkeithdavis.com\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/laurinkeithdavis.com\/wordpress\/wp-json\/wp\/v2\/comments?post=257"}],"version-history":[{"count":2,"href":"https:\/\/laurinkeithdavis.com\/wordpress\/wp-json\/wp\/v2\/posts\/257\/revisions"}],"predecessor-version":[{"id":259,"href":"https:\/\/laurinkeithdavis.com\/wordpress\/wp-json\/wp\/v2\/posts\/257\/revisions\/259"}],"wp:attachment":[{"href":"https:\/\/laurinkeithdavis.com\/wordpress\/wp-json\/wp\/v2\/media?parent=257"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/laurinkeithdavis.com\/wordpress\/wp-json\/wp\/v2\/categories?post=257"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/laurinkeithdavis.com\/wordpress\/wp-json\/wp\/v2\/tags?post=257"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}