Self Service Authentication – Switching Between Authentication Options

Before Service Desk Express, when “Windows” authentication was not an option for the core product, the installer for Magic (whilst woeful in comparison to nowadays) used to have an option to have “Windows” authentication for Self-ServiceClient Services. Nowadays, the installer gives you the choice between “Windows” for the core product and for Self-Service or just the core product – ah, progress!

Anyway, for those organisations that want “Windows” for Self-Service but not for the core product, I thought I would post a quick “How-To:”

So, log onto the application server using, for example, remote desktop. Open IIS Manager by clicking on Start > All Programs > Administrative Tools > Internet Information Services (IIS) Manager. Assuming that you have installed the product in the Default Web Site, expand the Default Web Site, right-click on the Self-Service virtual directory (called HelpDesk by default) and select Properties for the popup menu that appears. Click on the Directory Security tab and click the button to edit Authentication and access control. Uncheck Enable Anonymous Access and check Integrated Windows authentication. Click OK to exit that window and OK to apply your changes. You will be presented with a screen that looks like the image below:

Inheritance Overrides


You MUST click the button to Select All and then press OK. You can close IIS Manager and log-off the application server.

One final thing to do – tell Service Desk Express that you want to use “Windows” authentication for Self-Service. To do this you need to run the following script against the SDE database:


And that is it. To reverse the process run the script above replacing the ‘1’ with ‘0’, check the Enable Anonymous Access and uncheck Integrated Windows authentication. Again, do NOT forget to click the Select All on the Inheritance Overrides window that appears.