SSO login prompt for Extranet Site
https://sharepoint.stackexchange.com/questions/147863
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
We are having an issue about SSO in our Extranet Site where we always need to enter username and password when we enters the site, but in our Intranet Site we are not experiencing that.
Both site are just Site Collection of our main SharePoint instance hosted in IIS 7.
Adding the URL in trusted Site which is working, is not an the option.
Anyone experience this issue? What are the things that I need to check in our server that causing this issue?
Solution
It heavily depends on the URLs which are configured to access your SharePoint sites.
I would guess that you access your Intranet-SharePoint via a non-FQDN URL (e.g. http://intranet) and your Extranet-Site via FQDN (http://extranet.company.com).
Internet Explorer does an automatic zone detection. If my assumptions match your environment, IE will assign your Intranet-Site to the IE Security Zone "Local Intranet". In this zone the option "Automatic logon only in Intranet zone" ist set. This will allow IE to forward the user's credentials to SharePoint and so a SSO will happen.
Your SharePoint-Extranet will be assigned to the Internet Zone where the above option is not set by default. You can check the security zone by opening the site, open the IE-context menu via right-click and then select properties. You can see the zone there.
Best solution is to add all SharePoint-related URLs to the "Local intranet" zone (it's better than "Trusted sites" for SharePoint).
You mentioned that this is not possible for whatever reason. Unfortunately i do only see bad solutions for you:
- Enable "Automatic logon only in Intranet zone" for the Internet-Zone
- Use a 3rd party single-sign-on tool
