Use this checklist as a starting point when troubleshooting SSO.
What to check first
- Verify that the protocol and port in the FotoWeb site settings are set correctly. (HTTP = Port 80, HTTPS = Port 443):
- If HTTPS is used, a trusted certificate must be used on the FotoWeb server. Ideally, certificates should be CA-signed. Self-signed certificates must be made trusted.
Note: We do not recommend using self-signed certificates in production systems.
- In the IIS Manager, go to the website where FotoWeb is installed and verify in Bindings that the HTTPS binding (port 443) is bound to All Unassigned rather than to one specific IP address.
- You may need to restart FotoWeb services.
1. Using the Windows Task Manager or Process Explorer, verify that BuiltinAuthenticationProvider.exe is running without repeatedly restarting. If it is continually starting up and terminating, something is not right.
2. Note the precise error messages that appear. It is helpful if you can provide FotoWare Support with screenshots or video recordings of the behaviour experienced.
Known issues with Windows authentication
1. Windows authentication does not work with the Apache (build-in) web server, only with IIS.
2. Windows authentication does not work on secondary FotoWeb sites
3. Windows authentication has issues with multiple domains and domain forests.