How To Enable Windows Authentication And Extended Protection For A Web Site, Web Application, Or Web Service

How To Enable Windows Authentication And Extended Protection For A Web Site, Web Application, Or Web Service

The setup for the design of IIS 7 windows authentication module is defined by the element:

<windowsAuthentication>

Windows authentication is essential if you have IIS 7 server that runs on a business set-up which makes use of Microsoft Active Directory service field uniqueness or other Windows profile to recognize users.

For this reason, you can utilize Windows authentication not considering whether or not you have a server that is an element of an Active Directory field.

Windows authentication was previously known as NTLM. It is as well named Windows NT Challenge/Response authentication.

It is a highly protected and secure type of verification given the fact that the username and password are hashed ahead of the onward transfer through the set of network connections.

Enabling Windows authentication makes the browser of the user to transmit a powerfully hashed report of the password exchanged in a cryptographic form with your Web server.

Windows authentication works with two types of verification procedures. These are known as the Kerberos and NTLM.

These protocols are defined with the <providers> coding factor. If you set up and allow Windows authentication on Internet Information Service 7, it comes with Kerberos as the pre-set protocol.

The <windowsAuthentication> coding factor can, as well, contain a useKernelModeelement that shapes when to utilize the kernel method of authentication attribute which is recently introduced in Windows Server 2008.

The out-of-the-box set up of IIS 7 and newer versions of IIS don’t incorporate the Windows authentication service function. For you to utilize the Windows authentication on IIS, you have got to set up the service function, render Anonymous authentication inoperative on your site or app, and afterward, allow Windows authentication for the app or your website.

As soon as you are done with the installation of the service function, IIS 7 assigns the design setup below to the ApplicationHost.config file.

XMLCopy:

<windowsAuthenticationenabled="false" />

A: To enable Windows Authentication, Follow The Steps Below:

Step 1: Click to Open The (IIS) Manager

  • If you are making use of Windows Server 2012 or Windows Server 2012 R2: move your mouse to the taskbar, and hit it off on the Server Manager. From the drop-down menu that appears, hit it off on Tools, followed by clicking the Internet Information Services (IIS) Manager.
  • If you are make use of Windows 8 or Windows 8.1: Press and hold the Windows key, press and hold the letter X, and after this click on the Control Panel. In the control panel, click Administrative Tools, and move ahead to click on the Internet Information Services (IIS) Manager twice.
  • For Windows Server 2008 or Windows Server 2008 R2: go to the taskbar, hit  Start and direct your mouse pointer to Administrative Tools, and when you are there, click on the Internet Information Services (IIS) Manager.
  • For Windows Vista or Windows 7: Go to the taskbar, click on the Start button, and next click on the Control Panel. Double-click on the Administrative Tools tab and also do same on the Internet Information Services (IIS) Manager.

Step 2: Go to The Connections Panel

In the Connections panel, spread out the server name, spread out expand the Sites, and after that, click on the website, app, or Web service that you want to enable Windows authentication.

Step 3: Go To The Home Panel’s Security Sector

Go to the Security sector in the Home panel, and next, click on the Authentication tab twice.

Step 4: Click The Authentication Panel

Go to the Authentication panel, choose Windows Authentication, and after that, click Enable in the Actions panel.

How To Enable Windows Authentication And Extended Protection For A Web Site, Web Application, Or Web Service

B. How to Enable Windows Authentication Extensive Protection

Step 1: Click To Open The Internet Information Services (IIS) Manager:

If what you have is Windows Server 2012 or Windows Server 2012 R2:Go to the taskbar and hit it off on the Server Manager.

Then from the drop-down Menu that appears click on “Tools”. Afterward, click on the IIS Manager.

If you are making use of Windows 8 or Windows 8.1: Click and hold the Windows key, hold the letter X, and then click on the Control Panel.

When you are in the admin panel, click on the Administrative Tools, and afterward click on the Internet Information Services (IIS) Manager twotimes.

If you are utilizing the Windows Server 2008 or Windows Server 2008 R2: go to the taskbar, click on the Start button, move your mouse pointer to the Administrative Tools, and afterward click on the Internet

Information Services (IIS) Manager.

If you are making use of Windows Vista or Windows 7: On the taskbar, click Start, and then click on the Control Panel’s tab. Click on the Administrative Tools two times and afterward click on the Internet Information Services (IIS) Manager two times.

Step 2: Enable Windows Authentication

To do this, go to the Connections panel, enlarge the server name, enlarge Websites, and then the apps, or Web service you want to enable Extended Protection for Windows authentication.

Move to the Security sector in the Home panel, and next, click on the Authentication tab twice. Go to the Authentication panel, choose Windows Authentication, and after that, click Enable in the Actions panel.

How To Enable Windows Authentication And Extended Protection For A Web Site, Web Application, Or Web Service

Step 3: Click Advanced Settings In the Actions Panel

When you’ve opened the dialog box of the Advanced Settings, choose one of any of the following from the drop-down menu of the Extended Protection tab that appears:

  • Click on Accept if you plan to enable extended protection even as you provide down-plane support for systems that by default lack extended protection.
  • Alternatively, click on Required if you plan to allow extensive protection and do not want to offer down-plane support.

How To Enable Windows Authentication And Extended Protection For A Web Site, Web Application, Or Web Service

Once you are done, click on the Okay button to exit the Advanced Settings dialog box.

Step 4:  Configure The Windows Authentication

The <windowsAuthentication> attribute can be configured at the website level, the app level or virtual level of the directory in the ApplicationHost.config file.

Conclusions

These steps are all there is to enabling and windows authentication and extended protection. Going through these step by step tips, you should be able to get it all done by yourself.

Check out these top 3 Best web hosting services

Hostinger
£2.28 /mo
Starting price
Visit Hostinger
Rating based on expert review
  • User Friendly
    4.7
  • Support
    4.7
  • Features
    4.8
  • Reliability
    4.8
  • Pricing
    4.7
IONOS
£0.76 /mo
Starting price
Visit IONOS
Rating based on expert review
  • User Friendly
    4.5
  • Support
    4.0
  • Features
    4.5
  • Reliability
    4.5
  • Pricing
    4.3
Ultahost
£1.91 /mo
Starting price
Visit Ultahost
Rating based on expert review
  • User Friendly
    4.3
  • Support
    4.8
  • Features
    4.5
  • Reliability
    4.0
  • Pricing
    4.8

How to Install a Let’s Encrypt Certificate on your Ubuntu 18.04 Dedicated Server or VPS

If you are hosting your website on a VPS server running Ubuntu 18.04, we will sh
less than a minute
Michael Levanduski
Michael Levanduski
Expert Hosting Writer & Tester

How to Troubleshoot SSH Issues

This guide will help you troubleshoot secure shell (SSH) problems.
less than a minute
Idan Cohen
Idan Cohen
Marketing Expert

How to Install and Configure Linux Malware Detect on CentOS 7

This tutorial will help you install and configure Linux Malware Detect (LMD) on
less than a minute
Eliran Ouzan
Eliran Ouzan
Web Designer & Hosting Expert

How to Enable Two-Factor Authentication on an Ubuntu 18.04 VPS or Dedicated Server

This guide will show you how you enable two-factor authentication to improve the
less than a minute
Max Ostryzhko
Max Ostryzhko
Senior Web Developer, HostAdvice CTO
HostAdvice.com provides professional web hosting reviews fully independent of any other entity. Our reviews are unbiased, honest, and apply the same evaluation standards to all those reviewed. While monetary compensation is received from a few of the companies listed on this site, compensation of services and products have no influence on the direction or conclusions of our reviews. Nor does the compensation influence our rankings for certain host companies. This compensation covers account purchasing costs, testing costs and royalties paid to reviewers.
Click to go to the top of the page
Go To Top