How can I enable Integrated Windows Authentication in ESM?
Answer:(Note: This can only be applied when using Active Directory Authentication in ESM)Turn on Windows Authentication for the “cameras” website in IIS.
Expand the "cameras" site and also turn on Windows Authentication for the "admin" sub-site.
IIS 7:
http://technet.microsoft.com/en-us/library/cc754628(v=ws.10).aspx
IIS 6:
http://technet.microsoft.com/en-us/library/cc780160(v=ws.10).aspx
******************
Locate the physical path of the “cameras” website. The default is “C:\ipconfigure\”, but you can also look on the properties of the camera website in IIS to find it.
Find these 2 files:
“cameras”/web.config
“cameras”/admin/web.config
Change:
<authentication mode="Forms">
To:
<authentication mode="Windows">
Delete:
<roleManager>…</roleManager>
Add:
<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider" >
<providers>
<clear />
<add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" />
</providers>
</roleManager>
To get the credentials to pass completely through using a fully qualified domain name, you must add the site to the local intranet zone in your browser for each workstation computer and the server. (Not working in Firefox as of 6/13/13)
In Internet Explorer, it is located at Tools > Internet Options > Security > Local Intranet > Sites > Advanced. Once here, add your site with https.
Example: https://VideoServer.domain.com
Open IIS Manager again and right click the "Cameras" Site. Click "Edit Bindings." You will need to add an https binding.
Type: https
IP Address: All Unassigned
Port: 443
Open command prompt as administrator on your server and run an iisreset.
******************
Ensure “Enable Integrated Windows Authentication” is checked in the Advanced tab of Internet Explorer for all client workstations.
Comments
0 comments
Please sign in to leave a comment.