Using integrated Windows authentication

Integrated Windows authentication provides a means of authorizing users of the administration site, but does not allow credentials to be transmitted over the network. When you enable integrated Windows authentication, the browser running the administrative interface initiates a cryptographic exchange with the Web server using either NTLM or Kerberos authentication to validate the user. This method provides a great deal of security, but does not allow IIS to delegate user names and passwords to remote servers. Therefore, you can administer the local Windows Media server only when integrated Windows authentication is enabled.

Integrated Windows authentication does not initially prompt the user for a user name and password. The Windows user account information on the client computer is used for authentication. However, if the authentication exchange fails to identify the user, the browser prompts the user for authentication information. Internet Explorer 2.0 or later is required, and integrated Windows authentication does not work across proxy servers or other firewall applications.

For more information about configuring IIS security properties, see Internet Information Services (IIS) Manager Help.