Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Note
For more information about the windowsAuthentication element, see the following topic on the Microsoft IIS.net Web site: Windows Authentication <windowsAuthentication>.
Specifies Windows authentication configuration.
Syntax
Attributes and Elements
The following sections describe attributes, child elements, and parent elements for this section.
Attributes
Attribute |
Description |
|---|---|
AuthPersistNonNTLM |
Optional boolean attribute. Specifies whether IIS automatically re-authenticates every non-NTLM (for example, Kerberos) request, even those on the same connection. False enables multiple authentications for the same connections. The default is False. Note A setting of True means that the client will be authenticated only once on the same connection. IIS will cache a token or ticket on the server for a TCP session that stays established. |
authPersistSingleRequest |
Optional Boolean attribute. Setting this flag to True specifies that authentication persists only for a single request on a connection. IIS resets the authentication at the end of each request, and forces re-authentication on the next request of the session. The default value is False. |
enabled |
Required Boolean attribute. Specifies whether Windows authentication is enabled. The default value is False. |
useKernelMode |
Optional Boolean attribute. Specifies whether Windows authentication is done in kernel mode. True specifies that Windows authentication uses kernel mode. Kernel-mode authentication may improve authentication performance and prevent authentication problems with application pools configured to use a custom identity. As a best practice, do not disable this setting if you use Kerberos authentication and have a custom identity on the application pool. The default is True. |
Child Elements
Element |
Description |
|---|---|
extendedProtection |
Optional element. Specifies extended protection options for Windows authentication. Note This element was added in IIS 7.5. |
providers |
Optional element. Specifies security support providers used for Windows authentication. |
Parent Elements
Element |
Description |
|---|---|
configuration |
Specifies the root element in every configuration file that is used by IIS 7. |
system.webServer |
Specifies the top-level section group (in ApplicationHost.config) in which this element is defined. |
security |
Specifies the section group that contains security-related sections. |
authentication |
Specifies the section group that contains authentication sections. |
Remarks
For more information about the windowsAuthentication element, see the following topic on the Microsoft IIS.net Web site: Windows Authentication <windowsAuthentication>.
Element Information
Configuration locations |
Machine.config ApplicationHost.config Root application Web.config Application Web.config Directory Web.config |
Requirements |
Microsoft Internet Information Services (IIS) version 7.0 |
See Also
Reference
extendedProtection Element for windowsAuthentication [IIS Settings Schema]
providers Element for windowsAuthentication [IIS Settings Schema]