Windows Authentication kept asking for username/password

I am deploying my web application on iis6. I kept receive this "windows security" pop up to enter user name and password.. I have already disabled anonymous user, and checked integrated windows authentication but it just wont "automatically" login.

What should i do?

I have check the security settings-local intranet zone: "login as automatic logon only in Intranet zone". Also my production server is a standalone server, and hence might not hold AD account and credentials.


For Internet Explorer, you might have to add the server address to the local intranet zone. IE often has a hard time detecting local intranet servers on its own, so you might have to manually add your site to that list. You can do that manually in IE settings or you can use group policies to manage a list of intranet servers within an AD domain. You can view the zone IE has chosen for your site from the menu File/Properties.

For Firefox, you have to tell FF to forward your network credentials to that site. in about:config you have to add the sites to the settings

network.automatic-ntlm-auth.trusted-uris

and

network.negotiate-auth.trusted-uris

.


http://support.microsoft.com/?id=258063 All you need to know, let me know how it goes.

I would love to rewrite this lovely article and take credit but that's cheating. I have fallen in the hands of this issue myself but this article was a life saver I keep it in my bookmarks under IIS solutions lol.

Update:

Let's get this straight you have I am presuming a windows server 2003/2003 r2 box or xp machine with IIS6.

Before we dig deeper check the following out make sure you have setup a new site in iis6, pointing to a folder in C:\inetpub\wwwroot\, if not there pointing to C:\MyOwnFolder or C:\Program Files\SomeFolder is fine you will need make sure folders have the following permissions:

Inetpub\wwwroot (or C:\MyOwnFolder) Administrators        Full control 
Inetpub\wwwroot (or C:\MyOwnFolder) System                Full control 
Inetpub\wwwroot (or C:\MyOwnFolder) IIS_WPG               Read, execute 
Inetpub\wwwroot (or C:\MyOwnFolder) IUSR_MachineName      Read, execute 
Inetpub\wwwroot (or C:\MyOwnFolder) ASPNET                Read, execute 

Source: http://support.microsoft.com/kb/812614

Now you should look into your IIS settings.

How to un-configure Authentication in IIS

  1. Start IIS Manager or open the IIS snap-in.

  2. Expand Server_name, where Server_name is the name of the server, and then expand Web Sites.

  3. In the console tree, right-click the Web site, virtual directory, or file for which you want to configure authentication, and then click Properties.

  4. Click the Directory Security or File Security tab (as appropriate), and then under Anonymous and access control or Authentication and access control, click Edit.

  5. Click to uncheck all options next to the authentication method or methods that you want are currently checked, and then click OK.

  6. Click to check enable anonymous access

  7. Make sure username is set to MACHINENAME\IUSR_MACHINENAME obviously replacing MACHINENAME with the name of your server/machine.

  8. IUSR is a built in account it should automagically authenticate it's self

Source: http://support.microsoft.com/kb/324274 ( this article is the opposite of what I just showed you to do )

Try all this if does not work I will give some further steps, there are a billion and one things you can check.