Setting Up Digest Authentication for Use with Internet Information Services 5.0

• Microsoft Internet Information Services version 5.0

SUMMARY

Digest Authentication is new to Windows 2000 and Internet Information Services 5.0. This form of authentication encrypts the user's password information, and provides a mechanism for aiding in the prevention of some common server attacks (such as a replay attack).

In order to use Digest Authentication in Windows 2000, the server must be a Directory Server. If the server that IIS is running on does not have access to the Active Directory, this authentication will not work. For more information about making the server a Directory Server, see the Windows 2000 documentation.

If the server is already a Directory Server, perform the following steps:

1. Open the Active Directory Users and Computers.



2. Open the domain that you want to administer.



3. Double-click the user name that you want to use with Digest Authentication.



4. In Account Options, select Save password as encrypted clear text.



5. Click OK.



6. Reset the user's password now in order for the encryption to take place. To reset the user's password, right-click the user name in the directory and click Reset Password.



7. Click OK.

1. Open Internet Services Manager.



2. Expand the Web server that you want to make the change in, and then open the Web site's properties.



3. Click the Directory Security tab.



4. Under Anonymous Access and Authentication Control, click Edit.



5. Select Digest Authentication from the list, and then click OK,

MORE INFORMATION

For more information about Digest Authentication, see RFC2069, or the IETF (Internet Engineering Task Force) document found at the following Web address:

http://search.ietf.org/internet-drafts/draft-ietf-http-authentication-03.txt

Additional query words: iis

Keywords :
Version : winnt:5.0
Platform : winnt
Issue type : kbinfo