?? ?? IIS 7.0 ??? Kerberos ?????????? ????????? ?? ??? ?????? Windows ?????????? ?? ????? ???? ??????????? ????? ?? ???? ??

???? ?????? ???? ??????
???? ID: 954873 - ?? ???????? ?? ?????? ??? ?? ?? ???? ???? ???? ??.
??? ?? ??????? ???? | ??? ?? ??????? ????

?????

?? ?? ??????? ?????????? ???????? (IIS) 7.0 ????? ?? ?? ???? ???????? ?? ????? ?? ??? ????????? ?? ???? ??????????? ?? ????? ?? ????? ?? ?????? ?? ???? ?? ??? ????? ????????? ???? ???? ???::
  • ?? IIS 7.0 ?? ??? ?????? Windows ?????????? ?? ????? ?????
  • ??? ???? ?? ?????????? ?? ???????? ???? ?? ??? ?? Kerberos ?????????? ????????? ?? ????? ?????
?? ?????? ?? ???? ?? ?? ?????????? ??????? ????????? ????? ?? ?? ??? ???? ??????? ???

????

This problem occurs because IIS 7.0 requires the client to be reauthenticated for each HTTP request when you use the Kerberos authentication protocol. This behavior causes network traffic to increase.

This behavior differs from the behavior in IIS 5.0. In IIS 5.0, a client that is authenticated by the Kerberos protocol after an initial HTTP request stays authenticated during the HTTP keep-alive session.

????????

To resolve this problem, set the value of theauthPersistNonNTLMproperty to True at the server level in IIS 7.0. ??? ???? ?? ???, ????? ????? ?? ???? ????::
  1. ????? ????,???????????? ????,???????????:cmd?? ????-????? ????, ?? ???? ???OK.
  2. At the command prompt, type the following commands, and then press ENTER:
    cd %SystemRoot%\System32\inetsrv

    appcmd set config /section:windowsAuthentication /authPersistNonNTLM:true
???:TheauthPersistNonNTLMproperty controls the reauthentication requirement of Kerberos authentication. By default, this property is set to False.

???? ???????

??? ???? ?? ???authPersistNonNTLMproperty to True, you do not require a reauthentication for every request that is made over the same keep-alive connection. You may have to reauthenticate only if you use a different client TCP port to make another HTTP request. This scenario occurs when a new HTTP keep-alive session must be established.

For more information about HTTP keep-alive sessions, visit the following Internet Engineering Task Force (IETF) Web site:
http://www.ietf.org/rfc/rfc2616.txt
TheauthPersistNonNTLMconfiguration property in IIS 7.0 replaces the EnableKerbAuthPersist registry key that is used in IIS 6.0.

??????

917557FIX: ?? ????? ?? ???? ??????????? ?? ????? ???? Kerberos ?????????? ????????? ?? ??? ?????? Windows ?????????? IIS 6.0 ???
?????? ?????? ???? ??? ???? ?????? ???? ?? ??? Microsoft ???? ?????-???? ?????? ??????? ?????? ????? ??.. ?? ?????? ??????? ???? ???? ????? ????? ?? ??? ???? ??.. Microsoft ?? ?????-???? ?????? ??????? ?? ??? ???? ?? ??? ?????? ???? ????..

???

???? ID: 954873 - ????? ???????: 06 ?????? 2010 - ??????: 2.0
???? ???? ???? ??:
  • Microsoft Internet Information Services 7.0
??????: 
kbtshoot kbprb kbmt KB954873 KbMthi
???? ?????? ????????
??????????: ?? ???? ?? ???? ??????? ?? ????? ?? Microsoft ????-?????? ?????????? ?????? ?????? ???? ??? ??. Microsoft ???? ??? ????-???????? ?? ????-???????? ????? ?????? ?? ???? ???????? ???? ?? ???? ????? ????? ??? ?? ??? ?????? ?? ???? ???? ???? ??? ????? ??. ???????, ????-???????? ???? ????? ???? ???? ???? ???. ?????, ????????, ?????-???? ?? ??????? ?? ???????? ?? ???? ???, ???? ?? ??? ?????? ???? ???? ??? ????? ??? ?? ???? ??. Microsoft ??????? ??? ???? ?? ?????? ?? ??????????, ????????? ?? ??? ?????? ?? ???? ????? ?? ???? ???????? ?? ??? ???? ????? ?? ??? ????????? ???? ??. Microsoft ????-?????? ?????????? ?? ????? ?????? ?? ?? ??? ??.
?????????? ?? ??????? ????????? ??????? ??:954873

??????????? ???

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com