MicrosoftWe use Windows integrated security for intranet sites in conjunction with GMSA accounts in the app pool (the GMSA account is used for data access purposes).
For Authentication, our intranet site is set up in IIS with:
In the providers list for Win Auth, Negotiate is at the top of the list.
This works great until we use HTTPS. In HTTPS, users get challenged for credentials, which we DO NOT want to happen. We want the site to recognize their authentication so they can go on about their business. The site has a valid certificate and we use FQDN for SSL.
We have other on premises intranet sites (most notably Azure DevOps Server, and SQL Reporting services) also set up for SSL on the same domain. Neither of these sites challenges users for network credentials.
How do we get the same results for our intranet sites over SSL running under IIS?
