Ureader.com  
Microsoft software help and Community
date: Wed, 10 Sep 2008 05:53:18 -0700 (PDT),    group: microsoft.public.platformsdk.security


IIS IWA with IE started via smart card credentials.   
IIS 6 on Win 2k3
IE 6+ on XP Pro SP2

Hi, I'm starting an IE as the user on a smart card via
createprocesswithlogonw to attempt Integrated Windows Authentication
to a website.

The userid is the string version of the cert, the passwd is the PIN
and there is no domain.
IE starts fine.  TaskMgr shows it running as the correct user.
I then navigate to an IWA web site.  IE prompts me for credentials.
I've tried setting IE to automatically logon or logon with un and pw
via options in multiple sites.  None alleviate the issue.

If I start IE with runas via un / pw it can IWA me just fine.

Can anyone tell me what I need to do to get the smart card credential
invocation to work correctly?

Thanks.
date: Wed, 10 Sep 2008 05:53:18 -0700 (PDT)   author:   ceh

Re: IIS IWA with IE started via smart card credentials.   
On Sep 10, 8:53 am, ceh  wrote:
> IIS 6 on Win 2k3
> IE 6 on XP Pro SP2
>
> Hi, I'm starting an IE as the user on a smart card via
> createprocesswithlogonw to attempt Integrated Windows Authentication
> to a website.
>
> The userid is the string version of the cert, the passwd is the PIN
> and there is no domain.
> IE starts fine.  TaskMgr shows it running as the correct user.
> I then navigate to an IWA web site.  IE prompts me for credentials.
> I've tried setting IE to automatically logon or logon with un and pw
> via options in multiple sites.  None alleviate the issue.
>
> If I start IE with runas via un / pw it can IWA me just fine.
>
> Can anyone tell me what I need to do to get the smart card credential
> invocation to work correctly?
>
> Thanks.

Sorry, forgot to mention that if I log on to the OS via smart card and
then navigate to that site, IWA works fine.  IIS gets the info it
needs.

The problem is only when the OS logged on user and the user running IE
are different.
date: Wed, 10 Sep 2008 06:07:23 -0700 (PDT)   author:   ceh

Re: IIS IWA with IE started via smart card credentials.   
Hi ceh, I am trying to logon with a smartcard from an application as well, 
except I want to call LogonUser, not CreateProcessWithLogon.  Can you share 
how you are retrieving the certificate from the smartcard?  I would be very 
appreciative for any information you could give me regarding this.

As far as your particular problem, what logon flag are you using in your 
call to CreateProcessWithLogon()?

Instead of calling CreateProcessWithLogon(), have you tried calling 
LogonUser() with LOGON32_LOGON_INTERACTIVE, then passing the token to 
CreateProcessWithToken()?

Just some ideas.  I'm a complete n00b to the Windows Security SDK stuff.

Cheers,
Greg

"ceh" wrote:

> On Sep 10, 8:53 am, ceh  wrote:
> > IIS 6 on Win 2k3
> > IE 6+ on XP Pro SP2
> >
> > Hi, I'm starting an IE as the user on a smart card via
> > createprocesswithlogonw to attempt Integrated Windows Authentication
> > to a website.
> >
> > The userid is the string version of the cert, the passwd is the PIN
> > and there is no domain.
> > IE starts fine.  TaskMgr shows it running as the correct user.
> > I then navigate to an IWA web site.  IE prompts me for credentials.
> > I've tried setting IE to automatically logon or logon with un and pw
> > via options in multiple sites.  None alleviate the issue.
> >
> > If I start IE with runas via un / pw it can IWA me just fine.
> >
> > Can anyone tell me what I need to do to get the smart card credential
> > invocation to work correctly?
> >
> > Thanks.
> 
> Sorry, forgot to mention that if I log on to the OS via smart card and
> then navigate to that site, IWA works fine.  IIS gets the info it
> needs.
> 
> The problem is only when the OS logged on user and the user running IE
> are different.
>
date: Fri, 19 Sep 2008 10:46:01 -0700   author:   gregg1ep00
