Why Windows Vista based client prompts to enter your credentials when you access an FQDN site?

  • Article

One of my customer reported that whenever he tries to use Web Distributed Authoring and Versioning (WebDav) to access a fully qualified domain names (FQDN) site. But he is prompted to enter the credentials, even though the user account that we are using has sufficient permission to access this site. During the research we found that he tries to access from a Windows Vista-based computer, where he do not configure a proxy in Windows Internet Explorer and he gets this issue/prompt.

It’s because, in Windows Vista, Internet Explorer uses the Web Client service when you use Internet Explorer to access a WebDAV resource. The Web Client Service uses Windows HTTP Services (WinHTTP) to perform the network I/O to the remote host. WinHTTP sends user credentials only in response to requests that occur on a local intranet site. However, WinHTTP does not check the security zone settings in Internet Explorer to determine whether a Web site is in a zone that lets credentials be sent automatically.

If no proxy is configured, WinHTTP sends credentials only to local intranet sites.

Note If the URL contains no period in the server’s name, such as in the following example, the server is assumed to be on a local intranet site: https://sharepoint/davshare

If the URL contains periods, the server is assumed to be on the Internet. The periods indicate that you use an FQDN address. Therefore, no credentials are automatically sent to this server unless a proxy is configured and unless this server is indicated for proxy bypass.

Note A server can be indicated for proxy bypass either through the bypass list or through the proxy configuration script.

In this case, you are prompted to enter your credentials when the Web site asks for credentials. Even in this case, the security zone settings are ignored.

Hotfix available: To overcome this issue, a supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hot fix only to systems that are experiencing this specific problem.

Important This hotfix is included in Windows Vista Service Pack 1 or a later service pack. However, you must still configure the AuthForwardServerList registry entry. For more information, see the Registry information section.