Enabling .NET Passport Authentication in IIS 6.0
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1
When .NET Passport is enabled, requests coming into IIS must contain .NET Passport credentials either on the query string or within a cookie. The credentials also have to be valid, meaning the ticket has not expired. If IIS does not detect .NET Passport credentials, requests are redirected to the .NET Passport sign-in page.
.NET Passport uses cookies, which contain information that can be compromised. However, .NET Passport authentication can be used over a Secure Sockets Layer (SSL) connection, which reduces the potential of replay attacks.
Important
You must be a member of the Administrators group on the local computer to run scripts and executables. As a security best practice, log on to your computer by using an account that is not in the Administrators group, and then use the runas command to run your script or executable as an administrator. At a command prompt, type runas /profile /User:MyComputer\Administrator cmd to open a command window with administrator rights and then type cscript.exe ScriptName (include the script's full path and any parameters).
Procedures
To enable .NET Passport authentication on a Web site
In IIS Manager, expand the local computer, expand the Web Sites folder, right-click the Web site on which you want to enable .NET Passport authentication, and click Properties.
Click the Directory Security tab.
In the Anonymous access and authentication control section, click Edit.
Select the .NET Passport Authentication check box. There are fundamental differences in the way .NET Passport validates user credentials, so .NET Passport cannot be used with other authentication methods. When .NET Passport authentication is selected, all other authentication methods are unavailable.
Click OK.
Related Information
For comprehensive developer and technical support resources to help businesses implement .NET Passport services, including information about licensing and implementing .NET Passport, see the Microsoft .NET Passport for Developers Web site.
For information about configuring .NET Passport authentication programmatically, see AuthFlags Metabase Property in the Metabase Property Reference.
For more information about SSL, see Configuring SSL on a Web Server or Web Site.
For more information about secure protocols, see Authentication in IIS 6.0.