You should be able to rewrite the button to post their username and password rather than URL encapsulate that data. I know one of our cross-system apps does that.
-------------------------------------------------------------- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. > -----Original Message----- > From: Salandra, Justin A. [mailto:[EMAIL PROTECTED] > Sent: Thursday, February 12, 2004 8:10 AM > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] MS04-004 > > > NO, they click on a button that does it for them. > > -----Original Message----- > From: Coleman, Hunter [mailto:[EMAIL PROTECTED] > Sent: Wednesday, February 11, 2004 5:30 PM > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] MS04-004 > > So your users can remember to type > http://username:[EMAIL PROTECTED]/resource > > But they can't remember to type > http://servername.domain.com/resource and then enter their > username and > password when prompted? > > -----Original Message----- > From: Salandra, Justin A. [mailto:[EMAIL PROTECTED] > Sent: Wednesday, February 11, 2004 2:38 PM > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] MS04-004 > > Until we can do it another way it is a huge deal here at my > company with > over hundreds of people accessing Outlook Web Access this way > from home or > remote locations. > > -----Original Message----- > From: Roger Seielstad [mailto:[EMAIL PROTECTED] > Sent: Wednesday, February 11, 2004 4:15 PM > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] MS04-004 > > I concur. And frankly, those aren't all that secure to begin > with, so I > don't see it as a huge deal. > > -------------------------------------------------------------- > Roger D. Seielstad - MTS MCSE MS-MVP > Sr. Systems Administrator > Inovis Inc. > > > > -----Original Message----- > > From: Coleman, Hunter [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, February 11, 2004 4:04 PM > > To: '[EMAIL PROTECTED]' > > Subject: RE: [ActiveDir] MS04-004 > > > > > > It should only affect URLs that embed user names and passwords. > > Otherwise, I don't see anything that would bugger up basic > > authentication. > > But let us > > know what you find on your test bench... > > > > -----Original Message----- > > From: Salandra, Justin A. [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, February 11, 2004 1:49 PM > > To: '[EMAIL PROTECTED]' > > Subject: RE: [ActiveDir] MS04-004 > > > > Is there anyway to permit the basic authentication after it is > > installed? > > > > -----Original Message----- > > From: Coleman, Hunter [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, February 11, 2004 3:47 PM > > To: '[EMAIL PROTECTED]' > > Subject: RE: [ActiveDir] MS04-004 > > > > According to KB834489 > > (http://support.microsoft.com/default.aspx?scid=kb;en-us;83448 > > 9), it only > > applies to HTTP/HTTPS > > > > Hunter > > > > ________________________________ > > > > From: Celone, Mike [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, February 11, 2004 1:36 PM > > To: '[EMAIL PROTECTED]' > > Subject: RE: [ActiveDir] MS04-004 > > > > > > > > Anyone know if this also applies to ftp connections too. > On the SMS > > list one guy says it does and others say it doesn't? I haven't > > deployed the patch yet but plan on doing it soon. > > > > Mike > > > > -----Original Message----- > > From: Salandra, Justin A. [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, February 11, 2004 3:24 PM > > To: Exchange2000 (E-mail); ActiveDir (E-mail) > > Subject: [ActiveDir] MS04-004 > > > > If any of you use Basic Authentication over HTTP or HTTPS > you need to > > read this. > > > http://www.microsoft.com/technet/treeview/default.asp?url=/tec > hnet/security/ > > Bulletin/MS04-004.asp > <http://www.microsoft.com/technet/treeview/default.asp?url=/te > chnet/security > > /Bulletin/MS04-004.asp> > > The cumulative patch for IE no longer supports > http://username:[EMAIL PROTECTED]/resource > > Justin A. Salandra, MCSE > Senior Network Engineer > Catholic Healthcare System > 212.752.7300 - office > 917.455.0110 - cell > [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > List info : > http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > List info : > http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > List info : > http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > List info : > http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > List info : > http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > List info : > http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > List info : > http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/