Microsoft KB Article http://support.microsoft.com/?id=943280

In my previous 2 posts, I explained the settings needed to allow Internet Explorer to automatically login to your SharePoint sites without presenting the popup login box. Even if you have addressed the issues I documented there however, you may still receive repetitive login boxes when opening files with the MS Office programs such as Word, Excel, and PowerPoint.
The problem occurs when you are working on Windows Vista, and has to do with the way Vista accesses SharePoint data locations when using a fully qualified domain name without a proxy server. If you are using Windows XP as your desktop operating system, using a proxy server for internet access, or are typing a NetBIOS name to reach your SharePoint server - this problem should not exist and this solution will likely not help. The full issue and solution is now documented in the Microsoft Knowledge base in article #943280. Here is the quick and dirty answer they recommend, which has successfully fixed the problem in my own personal testing.
First of all, the way Vista accesses SharePoint data locations has been modified by Vista Service Pack 1 - so... you really should install SP1. If you cannot install SP1 or are awaiting a central deployment, you can request a specific hotfix from Microsoft instead by following the steps mentioned in the knowledge base article above.
Once you have Vista SP1 or the hotfix installed, a registry entry must be created to list the URL's to which Windows is allowed to automatically send credentials. Of course, all of the normal cautions that you receive when editing the registry should apply here. Here's how to do that:

1. Go to START > RUN, and type regedit.
   
2. When the Registry Editor window opens, follow this path:
   HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Services > WebClient > Parameters.
   
3. Right-click the 'Parameters' subkey, and choose New > Multi-String Value.
4. Type the name AuthForwardServerList.
5. Open the AuthForwardServerList value and type in the list of SharePoint server URL's that are trusted for your organization - one URL per line.
   
   
   NOTE: You can use wildcards to reduce the number of lines needed.
   (e.g. http:// *.domain.com)
   You will have to type in separate URL's for both http and https URL's if you use them.
6. Close the Registry Editor window.
   
7. Reboot your PC, or at least go to START > ADMINISTRATIVE TOOLS > SERVICES, and restart the WebClient service.

ISSUE #2 – Your current user account has not been given permission to the SharePoint site, page, or list you are trying to access.

SYMPTOMS: You have already performed the steps listed in ISSUE #1 – Internet Explorer Security Settings, and you continue to receive the login prompt.
It is likely that your current Windows user account has not been given permission to access the site. This issue is most common if you are working from home (or another external computer) where you are logged into your computer with a non-domain account. There’s not much you can do to prevent this one – you’ll just have to login manually when you first browse to the site. After that you should not be asked to login again until you close Internet Explorer.
This scenario is also common when you are accessing a SharePoint site / page / list for the first time or after the Site Owner has reconfigured security. In this case, you will receive the login prompt 3 times, and then a full-color SharePoint error page will appear telling you that you are not authorized. If you experience this variation, either the Site Owner or the SharePoint Admin will have to verify the SharePoint permissions to make sure that the appropriate permissions are applied for you.
ISSUE #3 – You have checked the little ‘remember my password’ box, and then your password has changed since.

SYMPTOM: The login prompt is coming up every time you click a link within the site. When you enter a valid username and password, the page loads. However, it comes up again on every new page you visit. As a side-effect, sometimes your Windows user account will get locked out after a few pages.
This repeating login box is caused by a stored password that is no longer valid, and happens because the user has at some time checked the box to ‘Remember my password’ when they were logging in. It seems like a good idea at the time, but then it comes back to bite you later when your password expires or is otherwise reset. Windows automatically tries to use the stored credentials to login to the site again and again every time you try to open another page on that site, instead of using your current credentials as it normally would.
Removing these stored passwords is possible, but it can be a challenge if your domain security policies hide some of your Control Panel options. Here are a couple of ways to try:

1. In Windows Vista, Open the Control Panel, and choose the ‘User Accounts’ applet.
   
2. Click the link on the left side of the window that says ‘Manage your network passwords’.
3. Select and Remove any sites that are related to your new password.
   In Windows XP, the path is slightly different: CONTROL PANEL > STORED USERNAMES AND PASSWORDS.
   

If you do not have the option you need in the Control Panel, there is a way to bring up the box via the Run box.

1. Go to START > RUN.
2. Type the following:
   rundll32.exe keymgr.dll,KRShowKeyMgr

If you are a domain administrator you can make a central setting with Active Directory Group Policy to disable the use of the 'Remember my password' feature, which is a good idea not only for SharePoint login purposes, but also for general network security concerns.

1. Logon to a domain controller and go to START > ALL PROGRAMS > ADMINISTRATIVE TOOLS > ACTIVE DIRECTORY USERS AND COMPUTERS.
2. Right-click the domain name (or the Organizational Unit that contains the users you wish to control), and choose Properties.
3. Go to the 'Group Policy' tab, and edit the policy you created earlier for the IE Security Settings.
4. Drill down to: COMPUTER CONFIGURATION > WINDOWS SETTINGS > SECURITY SETTINGS > LOCAL POLICIES > SECURITY OPTIONS.
5. Enable the setting called 'Network Access: Do not allow storage of credentials or .Net Passports for network authentication'.
6. Close all open windows, and wait for the changes to replicate through your environment.

One or more of these issues has been the culprit in every instance of login problems that I’ve ever had to troubleshoot. If you have domain admin level privileges in your network, you can greatly decrease support calls and increase user adoption by implementing the Group Policy changes detailed in Issues 1 and 3. It is well worth the effort.

From original post http://sharepointsolutions.blogspot.com/2008/06/how-do-i-make-our-sharepoint-site-stop.html

ISSUE #1 – Internet Explorer Security Settings
SYMPTOM: Whenever you browse to your SharePoint site, the little popup dialog box appears asking for your user name and password. If you enter your credentials, it lets you enter the site – it’s just annoying to have to do this again each time you go to your site. If you enter the wrong credentials, leave off the domain name, or type the wrong slash, the box will reappear a total of three times. If you never get it typed correctly, you will receive a generic black and white error message stating that ‘You are not authorized to view this page’

If you are experiencing this combination of symptoms, you probably need to adjust your Internet Explorer Security Settings. Even if you are unsure if your symptoms exactly match – this is a good place to start troubleshooting.
In a nutshell, the SharePoint site(s) must be added to either the Local Intranet zone or to the Trusted Sites zone on the client PC. Most users are familiar with the Trusted Sites zone, and may already use it for some things. However, the default settings in Internet Explorer don’t always allow automatic login in the Trusted Sites zone – especially in IE7. Explorer won’t allow a site to be in both zones, so I recommend a package of settings to make sure that authentication continues to work. The good news is if you have Domain Admin privileges you can control all of these settings centrally by using Active Directory and Group Policy – more on that later.

1. Open IE on your computer, go to TOOLS > INTERNET OPTIONS, and then choose the Security tab.
2. Click on the ‘Local Intranet’ zone icon, and then the Sites button.
   
3. That will give you a second box, where you must click the Advanced button before entering and adding the site URL(s) – see pictures below

skip to main | skip to sidebar

SharePoint Solutions Blog

Since 2004, a blog by members of the SharePoint Solutions team - experts and pioneers on Microsoft SharePoint

Tuesday, June 17, 2008

How do I make our SharePoint site stop asking me to login? – Part I

This was one of the most common user requests I got during my system admin days. I was recently asked again by a student in one of my classes, so I thought it would be a good candidate for my first blog post here. In most environments, SharePoint sites should automatically log you in via your existing Windows credentials without ever asking who you are. So, if you receive the little pop-up login box – it means you have one or more of three separate issues. The symptoms for these three issues are similar, but there are differences to help you figure out which specific issue you are having. Of course, you could have a combination of issues… I’ll address the first and most common issue in this post, and then I’ll cover the other two in a later post.
ISSUE #1 – Internet Explorer Security Settings
SYMPTOM: Whenever you browse to your SharePoint site, the little popup dialog box appears asking for your user name and password. If you enter your credentials, it lets you enter the site – it’s just annoying to have to do this again each time you go to your site. If you enter the wrong credentials, leave off the domain name, or type the wrong slash, the box will reappear a total of three times. If you never get it typed correctly, you will receive a generic black and white error message stating that ‘You are not authorized to view this page’ (see example below).

If you are experiencing this combination of symptoms, you probably need to adjust your Internet Explorer Security Settings. Even if you are unsure if your symptoms exactly match – this is a good place to start troubleshooting.
In a nutshell, the SharePoint site(s) must be added to either the Local Intranet zone or to the Trusted Sites zone on the client PC. Most users are familiar with the Trusted Sites zone, and may already use it for some things. However, the default settings in Internet Explorer don’t always allow automatic login in the Trusted Sites zone – especially in IE7. Explorer won’t allow a site to be in both zones, so I recommend a package of settings to make sure that authentication continues to work. The good news is if you have Domain Admin privileges you can control all of these settings centrally by using Active Directory and Group Policy – more on that later.

1. Open IE on your computer, go to TOOLS > INTERNET OPTIONS, and then choose the Security tab.
2. Click on the ‘Local Intranet’ zone icon, and then the Sites button.
   
3. That will give you a second box, where you must click the Advanced button before entering and adding the site URL(s) – see pictures below.

If you get an error when you click the Add button, you probably need to uncheck the ‘Require server verification (https:) for all sites in this zone’ box. Then try again.
You should add each SharePoint portal / web application to this list, or use a domain wildcard entry (http://*.domain) if that is acceptable and relevant in your environment.
If users are able to type a short NetBIOS style name (without any domain name) for any portal, the short names should also be added.
If SSL encryption is sometimes used for any portal / web application, you should add the name(s) twice – once with the http: prefix and again with the https: prefix.

1. Click the Close and OK, and you should find yourself back on the Security tab.
   (If you are looking for a quick fix, this alone might take care of the problem. Again though, I recommend following the rest of these steps to prevent things from ‘breaking’ again later.)
2. We should now adjust the default security settings for each zone to allow for future user changes. The easiest way to do this is to set the ‘Local Intranet’ and the ‘Trusted Sites’ zones to the Low security level without Protected Mode, the ‘Restricted Sites’ to the High security level with Protected Mode, and the ‘Internet’ zone to the Medium-High level with Protected Mode (click each zone icon and then move the slide all the way down for each – see picture below).
3. 
   
   If you don’t see the slider at all, click the ‘Default level’ button. That should bring the slider back.
   Protected Mode is actually not directly related to the login process, but will simplify the use of some SharePoint integration features. If you uncheck ‘Protected Mode’ for the ‘Local Intranet’ zone, you will likely receive a dire-looking warning box when you click OK. You’ll have to use your own discretion as to whether this setting is appropriate for your end users.
   Some administrators or users may not want to apply the entire package of settings incorporated in the Low setting. You can make a more surgical strike by using the ‘Custom level…’ button. The relevant setting in the Custom box is at the very bottom of the list of options. It’s called ‘Automatic logon with current user name and password (see picture below).
   
4. Click OK to exit the Internet Options box, and then close all Internet Explorer windows.
5. Open a new Explorer window and browse to your SharePoint site. You should be logged in automatically using your Windows credentials.
   If you still receive the login prompt, you apparently have one of the other issues listed at the end of this post.

If you are a Domain Admin, you probably want to apply these settings to all of your users. That way they can quit calling you about it and move on to other problems… This can be done by using Active Directory Group Policies.

1. Login to your domain controller using an account that has domain admin privileges, and perform the steps listed above to create the appropriate package of settings. The following steps allow you to import that package of settings into Group Policy.
2. Go to CONTROL PANEL > ADD OR REMOVE PROGRAMS > ADD/REMOVE WINDOWS COMPONENTS > INTERNET EXPLORER ENHANCED SECURITY CONFIGURATION.
3. 
   
4. Uncheck the Internet Explorer Enhanced Security Configuration option, and click Next until the wizard completes.This option can be re-enabled after step 10??, if you want or if your corporate policy requires it.
5. Go to START > ALL PROGRAMS > ADMINISTRATIVE TOOLS > ACTIVE DIRECTORY USERS AND COMPUTERS.
6. Right-click your domain name (or whichever Organizational Unit contains the users to which you wish to apply this fix), and choose Properties.
7. Click the ‘Group Policy’ tab, and then the New button. Type in a descriptive name for the New Group Policy Object that appears.
8. 
   
9. Make sure that your new policy is selected and click the Edit button.
10. Drill down to USER CONFIGURATION > WINDOWS COMPONENTS > INTERNET EXPLORER MAINTENANCE > SECURITY > SECURITY ZONES AND CONTENT RATINGS.
11. 
    
12. When you click the button labeled ‘Import the current security zones and privacy settings’, you will likely receive a warning about ‘Internet Explorer Enhanced Security Configuration’.

This is why we disabled the enhanced configuration in step 3, so that this policy would apply to normal workstations. Click Continue.

1. Close all open windows.
   You can now go back to the ‘Add/Remove Windows Components’ box and re-enable the Internet Explorer Enhanced Security Configuration if you wish.
   The changes will take time to replicate through your entire network or enterprise, depending on your particular Active Directory replication topology. In a single-site network, you may see the changes take effect within 15 to 90 minutes. In multi-site networks, it may take a day or more.

Orignal post from http://sharepointsolutions.blogspot.com/2008/11/understanding-calendar-columns-in.html

On my SharePoint site, I've created a custom list named Vehicle Reservations. This list has columns named Purpose, Vehicle, Reservation Date, Driver, and Vehicle and Driver.

• The Title column was renamed to Purpose.
  
• The Vehicle column is of type Choice with options of: Car 1, Car 2, Car3, and Car 4.
  
• The Reservation Date column is of type Date and Time and uses the Date Only format.
  
• The Driver column is of type Text. I was going to make it of type Person or Group, but that type isn't available for calculations.
  
• The Vehicle and Driver column is of type Calculated. I use the formula =CONCATENATE([Vehicle]," - ",[Driver]) to create a single string with the vehicle name and the driver name with a hyphen and spaces between them.
  

I created a new view using the Calendar View format.

In my new view, I set the following parameters:

• In this scenario, vehicles are reserved on a daily basis. So I selected the Reservaton Date column for both the Begin and End dates.
• In the Month view, I only want users to see which cars are reserved on particular days. So for the Month View Title, I selected the Vehicle column.
• In the Week view, I want users to be able to easily see who will be driving each vehicle. So for the Week View Title, I selected the Vehicle column, and for the Week View Sub Heading, I selected the Driver column.
• In the Day View, I want users to easily see who is driving which vehicle and also the purpose of the trip. So for the Day View Title, I selected the Vehicle and Driver calculated column, and for the Day View Sub Heading, I selected the Purpose column.
  

In my list, I have one row of information as shown here. Note: Although my last name is Spears, I'm not related to Britney. I just thought that Britney Spears probably doesn't get mentioned in SharePoint blog posts very much so I thought I'd mention her in this one. :-)

Now, let's see how those this information shows up in the Month, Week, and Day views:

In the Month view, you only see the name of the car.

In the Week view, you see the car and the driver's name.

In the Day view, you see the car, the driver, and purpose.

I hope this clears up a few things for some of you who have wondered about how the calendar view options and settings work.

Original Post from http://community.zevenseas.com/Blogs/Daniel/archive/2008/11/21/free-solution-link-conductor-url-management-tool.aspx

Our site, which is based on SharePoint, is like all sites, scattered with all sorts of links. Our blogs, which are based on SharePoint, are also, scattered with links. Finally, our products, which are slowly scattering over lots of servers, often include links to help people find upgrades or other information.

Managing all these links, and by that I mean keeping them current, can be a real pain.

For example:

1. Our blog post that announced our “Tagged Links V1.0” solution linked to the Tagged Links 1.0 download, but, now that we have released V1.1 we want to make sure people are instead downloading the new version. We want to be able to do this without having to go back through all those old blog posts to adjust them.
2. Our products include built in links to walkthroughs, and potentially links to our store, if we change our store, how can we make sure all those old links out there still send people to the right place!

And there are many more reasons why some sort of link redirector comes in handy, its why you will often find Microsoft linking to their properties like this:
http://go.microsoft.com/fwlink/?LinkId=XXXXXX

Link Conductor provides a complete solution for doing this with SharePoint. We have also included a basic statistics list that tracks every click we get, and as a bonus, who the referrer was was, so you can see just who is giving you the “link love”.

So, show me how it works?

1) Download and install the Link Conductor (make sure you read the included Readme for installation instructions)

2) When installed you will need to activate both the Site Collection and Site Configuration features.

3) These will add the following links to your Sites Site Settings page:

The “Link Conductor” link, under the “Galleries” heading, is where you define your redirects and the “Link Conductor Statistics” link, under the “Site Administration” section, is where you can track the statistics around each of your redirects.

The Link Conductor List

1) After clicking on the “Link Conductor” link in Site Settings you will be taken to the “Link Conductor” list.

2) As described in the list description area, this is the list where you can define and manage any redirects for this Site (sometimes called a Web). It also describes the URL which will provide the redirect, in the format http://<Your Site URL>/go.aspx?<Category>=<Action>.

The “Category” and “Action” values are pretty arbitrary, and can essentially be anything you like. I named them this way based on their usage on our site, with a loose definition as follows:

Category
Use this field to categorise the link in anyway you like, for example the Product or Service name

Action
Use this field to define the action of the redirect, for example 'Download' or 'Feedback' or 'Purchase'

3) You can create a new redirect by clicking on the “New” button:

4) In the “Title” you can enter some text that describes what this redirect is for. The “Redirect Action/Category” have been described and the “Redirect To” field is the URL which you would like to redirect to.

5) Upon saving the new entry, you will find the list updated as below:

Notice the right hand column contains a “Test” link? This provides you with a quick way to grab the newly created redirect URL (right-click –> Copy Shortcut) and a quick way to test that it is working. In this case my URL was: http://wsstest/sites/LinkConductor/go.aspx?TAGGEDLINKS=WALKTHROUGH

That is all there is to it, from the minute you save it, any requests for that new URL will automatically be redirected.

The Statistics

1) As I mentioned we have also included some really basic statistics. Returning to the sites “Site Settings” page, click on the “Link Conductor Statistics” link.

Notice that there is already an entry? This was created when I tested the link I created above.

2) Like I said, it is a very basic statistic, but we have included a couple of views which make it a little more interesting, for example the “By Referrer” view:

Its a quick an easy way of keeping track of who is sending you the link love!

Conclusion

Well, that’s it folks, its a pretty simple solution, but hopefully an elegant and useful one. Please take a look at it, and as always, we look forward to your feedback!

DOWNLOAD

It is called LCDS and you can download it free from  http://www.microsoft.com/learning/tools/lcds/default.mspx