Ars Technica

IIS, windows authentication, load balancers and SSL

Our minor departmental ASP.NET app works great in DEV on a web server without SSL. It relies on getting the User's Windows identity from HttpContext.Current.User.Identity.Name<BR><BR>When we move the ...
Dark Reading

Zero-Day IIS Vuln Bypasses Authentication

Windows sysadmins responsible for servers running Microsoft Internet Information Services (IIS) received an unexpected surprise last Friday afternoon--or first thing this morning--in the form of a ...
Ars Technica

Intranet Authentication - IIS 5 - Kerberos instead of NTLM

At work we have an intranet web server that is Running DotNetNuke for our intranet portal. I have been having issues with people not authenticating properly after they change their password ...