clientCertificateMappingAuthentica tion question
Hi,
What is diffarence between authentication process on two web sites in IIS:
1) clientCertificateMappingAuthentication = enabled, SSL on, Require client certificate, windows authentication = disabled.
2) clientCertificateMappingAuthentication = disabled, SSL on, Require client certificate, windows authentication = enabled.
When I have windows authentication disabled what protocol is used to make certificate mapping?
Adam
February 10th, 2011 1:00pm
Kerberos. What will happen is that the browser will immediately fail if the certificate is not provided or cannot be mapped to a user account.
If you have Windows authentication enabled, but require certificates, the browser will taunt you with a login window, that will never work.
You do not have to have Windows Authentication enabled for certificate-based authentication.
Brian
Free Windows Admin Tool Kit Click here and download it now
February 10th, 2011 1:55pm
Thanks.
Is there any sollution to make succesfull auhorization with enabled windows authentication, disabled client certificate mapping AND enabled "smart card is required" for AD user?
I need client certificate mapping disabled because I'm using OWA 2007 + Symantec Enterprise Vault which doesn't support certificate mapping - EV uses WebDAV to connect /Exchange virtual directory. When I enable mapping I get 401 from /Exchange virtual directory
:)
(see http://msexchangeteam.com/archive/2008/11/12/450094.aspx)
Adam
February 11th, 2011 7:07am