FP2000: Windows Integrated Authentication (NTLM) Doesn't Work, Basic Does

When you use Windows Integrated Authentication (NTLM or NT Challenge Response) to try to access a password-restricted part of a Web site that is hosted on a Microsoft Internet Information Services Web server, you are denied access. You receive one of the following error messages in FrontPage: -or- NOTE: In this scenario, Basic Authentication still works, which indicates that this not a permissions issue. (NTLM also requires the "Access This Computer from the Network" user right.)

This behavior occurs when the HTTP Keep-Alives option is not turned on.

To resolve this behavior, turn on the HTTP Keep-Alives option. To do this, follow these steps:

1.	In the Microsoft Management Console, open the Internet Information Services snap-in.
2.	Right-click the affected virtual server.
3.	Click Properties.
4.	On the Web Site tab, select the HTTP Keep-Alives check box.
5.	Click OK.

Most Web browsers request that the server keep the connection open across multiple requests; this is referred to as HTTP Keep-Alives. The HTTP specification defines Keep-Alives to allow for greatly enhanced server performance.

Keep-Alives are enabled by default during the installation of Internet Information Services. Without Keep-Alives, a browser must make numerous connection requests for a page that contains multiple elements, such as graphics. This is because a separate connection must be made for each element. These additional requests and connections require additional server activity and resources, thus decreasing server efficiency and making a Web browser slower and less responsive.

For additional information, please see the HTTP Specification at the following Web site: