I have an ASP.NET MVC 5 application that uses Exchange Web Services Managed API to query data from on premise Exchange and displays the data on an intranet site hostet in IIS 8.5 on Server 2012 R2. I use Windows Authentication to secure the site.
The problem is that mobile devices (and their browsers) don't get login prompts when they open the site and instantly receive 401 Access denied errors (invalid credentials).
Here are the devices that work:
- Domain-joined Windows 8 PC with Opera/IE/Firefox (my dev machine)
- Non domain-joined Windows 7 PC with IE/Firefox
- Windows Phone 8 Emulator (on the dev machine)
Here are the devices that don't work:
- Windows 10 Mobile Phone with Edge
- Android Tablet with stock browser/Chrome/Firefox/Opera
The devices that work get the login prompt, the devices that don't work, aren't.
Configuration from IIS:
- Kernel mode enabled
- App pool runs as a domain account
- SPN is set on the machine account (http/ & http/)
- useAppPoolCredentials in applicationhost.config is set to false
- ASP.Net Impersonation is off
- Anonymous Authentication is off, Windows Authentication is on
- Providers: Negotiate, NTLM (in that specific order)
Can anybody help?
No comments:
Post a Comment