All geek questions in one place

Power sharepoint for authentication request

Is there a way to make sharepoint 2010 pop up in a dialog box to ask the user about the username and password and not use the computers that are logged in if that user does not have access.

We need an internal sharepoint website to not use Windows credentials, as these are computers used by many people. A Windows user does not have access to the site, so he currently shows that access is denied, click here to log in as another user. We would prefer that he simply request credentials more gracefully.

+4
source share
6 answers

There is a way to configure Internet Explorer for this. In Internet Explorer (IE),

  • Go to Tools
  • Click Internet Options
  • Go to the Security tab
  • Click on the button labeled Custom Level.
  • Scroll to the bottom of the list
  • Select the Prompt for user name and password. option Prompt for user name and password.

The default value of Automatic logon only in Intranet zone "is what forces IE to send credentials to SharePoint. This, of course, will force everyone to log on to this computer.

+5
source

Use a browser other than IE to access the SharePoint site from community computers.

alt text

+1
source

I assume that you work in a corporate environment, which means that your computers are likely to be managed by your IT department and part of your domain. Since they are part of your AD (Active Directory) company, your systadmins should be able to modify the existing policy (I say existing, because in IE, the default values ​​for logging settings are set by default so that you should have received an invitation to log in, I assume that Group Policy is already in effect). If it does not exist, create its administrators.

Mentioning Jeremy is one option. It may also be that the site is included in your Local Area Intranet IE. If so, or, more likely, there is a wildcard * .yourdomainname.yourdomainextension).

Use the parameter specified by jeremy to override the default login behavior (automatic login) associated with sites listed in the intranet zone.

Group policy can be applied to a group of computers or to all computers in a domain. If the policy should be applied only to a small group of computers, put these computers in a separate unit (organizational unit) in AD and apply the policy to this unit.

+1
source

How about creating a new FBA protected zone for these community computers? As long as community computer users are only provided with the URL for the new zone, you should be fine.

0
source

You can create two registry files to enable or disable this behavior for Internet Explorer. Use Notepad to paste the values ​​below, make sure that Windows Registry Editor Version 5.00 is the first line, re adding 2 empty lines at the end of the file (press 2x Enter).

  • To enable it (i.e. always ask for credentials): AlwaysAsk.reg

    Windows Registry Editor version 5.00

    [HKEY_LOCAL_MACHINE \ Software \ Policies \ Microsoft \ Windows \ CurrentVersion \ Internet Settings \ Zones \ 1] "1A00" = dword: 00010000

    [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Internet Settings \ Zones \ 1] "1A00" = dword: 00010000

  • To disable it (automatically use credentials, request if necessary ): AutomaticLogon.reg

    Windows Registry Editor version 5.00

    [HKEY_LOCAL_MACHINE \ Software \ Policies \ Microsoft \ Windows \ CurrentVersion \ Internet Settings \ Zones \ 1] "1A00" = dword: 00020000

    [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Internet Settings \ Zones \ 1] "1A00" = dword: 00020000

This is useful for testing, especially if you are a developer in a corporate environment where you cannot easily change the policy settings on your PC (but you need elevated rights, that is, you must run it as an administrator).

Please note that the 1st key is for the local computer, the second key is for the current user (currently logged in), which is necessary for its immediate activation.

If you need more information about the values, check out this link: Internet Explorer Security Registry Entries for Advanced Users

0
source

Source: https://habr.com/ru/post/1334557/

More articles:


All Articles