I've previously posted an issue with authentication via LDAP/AD for ccservice [1], I'm not sure if this is related or completely separate. We've enabled Windows Integrated Authentication on our IIS server which hosts our web dashboard. This seems to work OK. However, the authentication isn't passed through to the servers/projects where I've implemented security.
IOW, even if I'm a member of a group that has permission to view a project on my build server, I cannot view the project via my dashboard until I click the server on the left-hand menu, then Login, and use my AD credentials (which have already been handled by IIS as part of the Windows Integrated Authentication). Is it possible to configure the credentials to "pass through" so people don't have to log in? That's why I opted for the Integrated authentication in the first place, for single sign-on. 1: http://jira.public.thoughtworks.org/browse/CCNET-1986
