Friday, October 14, 2011

Windows Authentication not working in IE9 on Windows 7

As a distributed virtual company, we have a unique IT environment. One of the challenges is accessing internal resources over the Internet. One of our resources is running on IIS 6.0 (Windows Server 2003) and uses LDAP authentication based on Active Directory. I recently switched to a new machine that is running Windows 7 Enterprise Edition and Internet Explorer 9. After the switch, I was unable to login to the internal resource because the authentication was failing.

I found the resolution posted by Techie_Jones in the Windows 7 Security forum:

The solution I was looking for ended up being disabling the EAP for Windows 7. Official documentation has not been released as of last week, but the fix is to set these Registry changes on the Windows 7 workstation:

HKEY_Local_Machine\System\CurrentControlSet\Control\LSA\SuppressExtendedProtection (Create DWORD value of “1”) (Add this property if it doesn’t exist)

HKEY_Local_Machine\System\CurrentControlSet\Control\LSA\LmCompatibilityLevel (Default DWORD value of “3”)

After making the suggested changes, I was able to login successfully.

No comments:

Post a Comment