We came across a request recently where we had an Internet facing AX 4.0 Enterprise Portal (EP) setup already with SSL and using Windows Authentication, running on Windows Server 2003 R2 SP2 (x86). The customer requirement was to use Basic Authentication with SSL instead and also not have to specify the domain name in the user credentials when authenticating with EP (i.e instead of typing domainname\username, just be able to specify username).

As stated in the AX 4.0 setup guides (http://msdn.microsoft.com/en-us/library/aa834430(AX.10).aspx) when using SSL you can use Basic Authentication for Internet facing Enterprise Portal sites. To set up Basic Authentication on a site that is already protected with SSL do the following:

1. Start -> Administrative tools -> and then click SharePoint 3.0 Central Administration.

2. Click the Application Management tab. Then, click Authentication providers under Application Security on the Application Management page.

3. On the Authentication Providers page, click the down arrow in the Web Application box, click Change Web Application, and then click the Web application that you want to configure.

4. Under Membership Provider Name, click Windows. Then, in the IIS Authentication Settings area of the Edit Authentication page, click to clear the Integrated Authentication checkbox.

5. Click to select the Basic authentication (password is sent in clear text) check box and Anonymous Authentication checkbox.

6. Go to IIS Manager

7. Go to Web site where Enterprise Portal is created on

8. Right click on the site and select “Properties”

9. Go to Directory security tab

10. Under Authentication and access control click on “Edit” button

11. Uncheck “Integrated Windows Authentication”

12. Check Basic authentication (password is sent in clear text) and select Default domain (Active Directory Domain) and Realm. After this action you should be able to log in with just your username and password without having to specify the domain name. Please note when using Basic Authentication, you cannot use Internet Explorer to automatically log you on with your logged on credentials. You will get an authentication prompt each time you access the site.

Please note: We do NOT recommend using Basic Authentication without first taking steps to protect the site adequately with SSL. Secure Sockets Layer (SSL) is a protocol that allows Web servers and clients to communicate more securely through the use of encryption. When SSL is not used, data sent between the client and server is vulnerable to observation by anyone with physical access to the network. To implement SSL, you must install a certificate and a private encryption key on the Web server. For more information about implementing SSL, refer to: 

  • IIS Operations Guide (which can be found by searching on TechNet)
  • Knowledge Base article 298805