Hi,
I have an issue with users logging on when pass-through authentication is enabled (SSO) and they are accessing the site through a domain other than ours. Let me explain...
We are an academy with service desk hosted on domain-1 and published to the web. Users are created on domain-1 with SSO configured and working on this domain.
Our other sites domains2-6 access servicedesk over the web with a username and password that we have supplied (e.g. domain-1\username). When they access the page they are prompted for the username and password and then get a 'Page cannot be displayed' error and the address bar is http://<url-to-servicedesk>:<port>/ntlmv2. This is the case for any user account that tries to authenticate at these sites even if they work at the main site.
We have a mixture of WinXP (SP3) and Win7 (SP1) PCs and all show the same issues. To add to this, any external PC not on a domain can authenticate as expected...
I have tried all previous suggestions regarding the LmCompatibilityLevel and NTLMMinClientSec reg settings and the local group policy settings for NTLM with no success. The site is added to trusted sites and has been in the Local Intranet groups within IE too.
Looking at the Jespa logs I can see no failures, so I am struggling to see what is going on. Details for our build are:
Version 8204 on server 2008 R2 with a POSTGRE backend.
Any help would be greatly appreciated.