[thelist] Double login to a Secure Intranet Problem [Resolved ]

Rob Smith rob.smith at THERMON.com
Mon Nov 18 14:53:01 CST 2002


Hi list,

Once again, I have found a solution to my own problem. I'm posting the
answer solely because there doesn't exist any documentation regarding this
issue anywhere! (not even in M$) I was mislead into thinking that all our
users had to login twice. That's not the case. Only one person made the
accusation of all, when he alone had to do it, not everyone.

Anywho , the only reason why you'd get the login screen again, is if any
information (account, password, domain) was not right. Well this just
happened to be the case. This user had cached the incorrect password and
clicked "Save my password" checkbox. Thus, causing him to have to login
twice each time.

In a test to prove my theory, I had him retype his password before going to
the second login screen and he went straight into the extranet. wow ...
amazing isn't it. Yet another entry into the "Hall of Shame - IT Division"

Rob.Smith

-----Original Message-----
From: Rob Smith [mailto:rob.smith at THERMON.com]
Sent: Monday, November 18, 2002 11:46 AM
To: Thelist (E-mail)
Subject: [thelist] Double login to a Secure Intranet Problem


Hi List,

About a half a year ago our company released a secure extranet to all our
employees world wide, which would provide a dynamic information vehicle to
special groups. The only encryption used is Windows NT/Challenge Response.
The site is running on a Win NT box, IIS 4.0. The clients are supposed to be
using IE 5.1 or greater and nothing else.

When our users "logon" to the extranet, they're prompted to enter their NT
account info: username, password, and domain. If the users click, remember
my password, and click ok (to log on), they are prompted with a second
password box, and have to reenter their NT account info. How can I avoid the
second login?

Additional info: The powers that be absolutely refuse to configure each
users browser security settings. They absolutely refuse to pay the presumed
5-digit payment to authenticate to Verisign or whomever controls the
verified authentication stuff to make us an official "Trusted Site." In
addition to the "Trusted site" issue, we're getting the expected security
warnings upon opening docs such as *.doc, *.xls, etc. This is starting to
get on their nerves.

Thanks guys/gals/(other?),

Rob.Smith
--
* * Please support the community that supports you.  * *
http://evolt.org/help_support_evolt/

For unsubscribe and other options, including the Tip Harvester
and archives of thelist go to: http://lists.evolt.org
Workers of the Web, evolt !



More information about the thelist mailing list