Password caching on the host
When a user signs in to a FH Web Edition server with standard authentication (either with a user name and password supplied by the Sign In dialog box, parameters, or command-line arguments), that user is added to the host's INTERACTIVE group. A user that signs in to a FH Web Edition server using Integrated Windows authentication is added to the host's NETWORK group. By default, members of the INTERACTIVE group have greater access to the host's resources than members of the NETWORK group. As a result, a user that signs in with Integrated Windows authentication may encounter "access denied" errors under a number of conditions.
Note: Areas restricted from members of the NETWORK group include DCOM (also known as OLE and COM/COM+) security limitations, file security limitations, and application specific security checking. Administrators should verify that all resources (files, services, etc.) that integrated Windows authenticated users need to access have the proper security settings to allow that access.
To avoid these errors, administrators can enable the cache passwords on the host option. Doing so allows users to sign in from Windows computers that are members of the same domain as the FH Web Edition server, without having to enter their user name and password every time they connect.
Users are prompted for a password when first connecting to the host or following a password change. Passwords are stored within their respective profiles and can only be decrypted from within their respective security contexts. With subsequent connections to FH Web Edition, users are automatically signed in and added to the host's INTERACTIVE group. They are granted the same access rights had they signed in to the host at its console.
Caching passwords on the host requires delegation, which is supported by Windows 2000 or later on Active Directory networks with the proper settings. Instructions on properly configuring an Active Directory Domain Controller are available in your Microsoft Windows operating system documentation. For a list of configuration requirements for delegation, see Configuration Requirements for Delegation Support in Chapter 6.