Export (0) Print
Expand All

windowsAuthentication Element [IIS Settings Schema]

IIS 7.0

NoteNote:

For more information about the windowsAuthentication element, see the following topic on the Microsoft IIS.net Web site: Windows Authentication <windowsAuthentication>.

Specifies Windows authentication configuration.

The following sections describe attributes, child elements, and parent elements for this section.

Attributes

Attribute

Description

AuthPersistNonNTLM

Optional boolean attribute.

Specifies whether IIS automatically re-authenticates every non-NTLM (for example, Kerberos) request, even those on the same connection. False enables multiple authentications for the same connections.

The default is False.

NoteNote:
A setting of True means that the client will be authenticated only once on the same connection. IIS will cache a token or ticket on the server for a TCP session that stays established.

authPersistSingleRequest

Optional Boolean attribute.

Setting this flag to True specifies that authentication persists only for a single request on a connection. IIS resets the authentication at the end of each request, and forces re-authentication on the next request of the session.

The default value is False.

enabled

Required Boolean attribute.

Specifies whether Windows authentication is enabled.

The default value is False.

useKernelMode

Optional Boolean attribute.

Specifies whether Windows authentication is done in kernel mode. True specifies that Windows authentication uses kernel mode.

Kernel-mode authentication may improve authentication performance and prevent authentication problems with application pools configured to use a custom identity.

As a best practice, do not disable this setting if you use Kerberos authentication and have a custom identity on the application pool.

The default is True.

Child Elements

Element

Description

extendedProtection

Optional element.

Specifies extended protection options for Windows authentication.

NoteNote:
This element was added in IIS 7.5.

providers

Optional element.

Specifies security support providers used for Windows authentication.

Parent Elements

Element

Description

configuration

Specifies the root element in every configuration file that is used by IIS 7.

system.webServer

Specifies the top-level section group (in ApplicationHost.config) in which this element is defined.

security

Specifies the section group that contains security-related sections.

authentication

Specifies the section group that contains authentication sections.

For more information about the windowsAuthentication element, see the following topic on the Microsoft IIS.net Web site: Windows Authentication <windowsAuthentication>.

Configuration locations

Machine.config

ApplicationHost.config

Root application Web.config

Application Web.config

Directory Web.config

Requirements

Microsoft Internet Information Services (IIS) version 7.0

Community Additions

ADD
Show:
© 2014 Microsoft