I have an ASP.net forms website hosted on IIS 7.5
I have two ad accounts from the same domain, rob.bowman and sys.rob.bowman.
I logon to the host webserver via rdp using my sys.rob.bowman account.
When I try to browse to the website I am challenged for credentials. If I enter my domain username and password for rob.bowman I am granted access to the website.
If I enter my domain username and password for sys.rob.bowman I am refused accessed presented with the login dialog two more times before getting a 401.2 error.
As far as web.config in the app is concerned both accounts should have access.
I've captured the attempts using fiddler, when I use the working account I see the following request headers:
> GET /SEOPSupportApp/Pages HTTP/1.1
Accept: image/jpeg, image/gif, image/pjpeg, application/x-ms-application, application/xaml+xml, application/x-ms-xbap, */*
Accept-Language: en-GB
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Authorization: Negotiate YIILuAYGKwYBB...long code!
However when I use the failing sys.rob.bowman account I can see the following http headers are sent:
> GET /SEOPSupportApp/Pages/ HTTP/1.1
Accept: image/jpeg, image/gif, image/pjpeg, application/x-ms-application, application/xaml+xml, application/x-ms-xbap, */*
Accept-Language: en-GB
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: tst-bts01
I guess the reason I'm getting the 401.2 for the failing account is because no "Authorization" field is being sent?
Could anyone please advise how I can solve this?