Note Internet Explorer clients that are using Windows NT 4 or Windows 95 or Windows 98 will not fail. Also, other authentication schemes will work.
Microsoft ASP.NET users may see an error message that is similar to the following:
Server Error in '<application name>' Application.
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
Description: An unhandled exception occurred during the execution of the current web request.
Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.SqlClient.SqlException: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
Clients using Windows NT 4 or Windows 95 or Windows 98 succeed because they do not natively support Kerberos and thus use Windows NT Challenge/Response (NTLM) authentication.
- If you are using Kerberos:
Use the SetSPN.exe utility, from the Windows 2000 Resource Kit, to register any host header names of Web sites that are configured to use "Integrated" authentication and will be accessed from Windows 2000 clients. If your Web server is running Microsoft Windows Server 2003 and IIS 6, download the Setspn.exe tool from the following location:970536 Setspn.exe support tool update for Windows Server 2003
For example:Server name: webserver1.development.exair.comUse the SetSPN command to register the www.exair.com SPN:
Host header: www.exair.comSetSPN -S HTTP/www.exair.com webserver1NOTE: HOST is a default service type that can be used if HTTP is not working in the registered SPN. As an example, you can use the following command to register the www.exair.com SPN to a default service type:SetSPN -S HOST/www.exair.com webserver1
- If you are not using Kerberos:
Remove Kerberos from the list of authentication providers in Internet Information Services 5.0 by using the following command:cscript adsutil.vbs set w3svc/NTAuthenticationProviders "NTLM"