Optionally provide private feedback to help us improve this article...

Thank you for your feedback!


Enabling Integrated Windows Authentication

One of the queries we most often receive from InstantForum & InstantKB users of our Active Directory Module, is "How can I bypass the login step altogether and use my Active Directory/Windows Credentials to authenticate to the system". This is certainly a feature we spent a-lot of time on in the development of our LDAP module, and this article will hopefully shed some light on how to configure this.

Client Configuration

Firstly, you should note that all clients must have their browsers configured to enable integrated windows authentication, without this, your browser will not send your existing credentials to the server for validation. To enable this in Internet Explorer, simply go to

Tools -> Internet Options -> Advanced

and ensure the option in the "Security" area of the tree 'Enable Integrated Windows Authentication' is checked.

Server Configuration

You will find a page added to the KB by the LDAP module "WinLogin.aspx", which handles all seamless logins, this page takes the passed windows credentials and feeds them into the LDAP module, which then processes authentication and uses several verification/safety steps to ensure that the system is not compromised.

Integrated Windows Authentication

Please review the PDF attached to the very bottom of this article for assistance with integrated windows authenication.

Alternate Windows Integrated Access Strategies

Alternatively, you can have a sub-domain or some other method, which points towards WinLogin.aspx deliberately, exclusively for your Pre-Authenticated users, and everyone else may use the existing login/authentication system.

We recommend for security reasons, that ONLY internal users use the WinLogin method, and that all external users use the provided authentication form, which may or may not authenticate via Active directory as per your specified configuration.

Further Reading for Advanced Administrators

The most complex configuration to run, is one with complete seamless windows authentication, and forms authentication, side by side within the same environment, this is made difficult because of the architecture of IIS and was chief among our considerations in the development of the Active Directory Module,

The related links below may be of use to you when configuring windows authentication with your installation of the AD Module.

Should you have any questions please don't hesitate to open a support ticket or contact us