Home > Small Business Server 7, Windows Vista > Synchronizing OneNote over SSL with integrated Windows authentication

Synchronizing OneNote over SSL with integrated Windows authentication

I started using OneNote about a year ago, and I’m still very much an amateur when it comes to what OneNote can really do.  I’m constantly finding new neat features in the program, but that has nothing to do with this post.  We have a server running Microsoft Office SharePoint Server (MOSS) 2007, which is built on Windows SharePoint Services (WSS) 3.0.  I placed two OneNote notebooks in separate Document Libraries on separate SharePoint sites, and configured the sites to use Integrated Windows authentication.  Everything seems to work great via Internet Explorer, but other applications, such as OneNote and Windows Explorer, don’t work so well.  I thought this was due to the fact that my WSS sites only accepted SSL connections with an internal domain certificate, but as it turns out, it has nothing to do with SSL!

Does this look familiar at all?  If you are running Windows Vista or Windows 7, you will get this error when trying to connect to a WSS 2.0/3.0 site using WebDAV.  In case you didn’t know, if you have a OneNote notebook stored on a SharePoint site, it connects via WebDAV to sync changes.  Also, if you access a SharePoint site via the UNC path, it also uses WebDAV.  For the last few months, when I opened OneNote, it would tell me OneNote needs a password to sync some of your notebooks.  Click here to see the list of sections and notebooks that require passwords.  When I clicked the message, I was prompted for credentials, and although I was already logged into my laptop with my domain credentials, I would simply put the same user/pass that I was logged in with, and it would sync.  I also found that I could not browse to the Document Library with the UNC path (\\example.v1corp.com@SSL\mysharepointsite).  When I tried this, I got the message The operation being requested was not performed because the user has not been authenticated.  The site uses Integrated Windows Authentication and was already in my Intranet zone in Internet Explorer, but it would not authenticate me.

Then I found this.  This is a known issue in Windows Vista, and KB941050 details how to fix it either with hotfix 943280 or with a registry hack.  As I am running Windows 7 and the hotfix did not seem to work for me, I tried the latter.  All you need to do to make Windows Explorer and OneNote happy is to create a new Multi-String Value called AuthForwardServerList in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebClient\Parameters, add your site’s URL in the form of https://example.v1corp.com/mysharepointsite (obviously replace the FQDN and site with your own information, and drop the s if you are not using SSL), and restart the WebClient service.  No reboot necessary :).  The error goes away and you can access WSS Document Libraries over the Internet and sync OneNote notebooks via Integrated Windows Authentication (a strong word of caution though, if you are using Integrated Windows Authentication over the Internet, you really should use SSL to encrypt the information).

Advertisements
  1. February 8, 2012 at 8:54 am

    Thanks so much for this article, it really helped me. I was getting the specific issue you had too. My organization run a proxy server via a proxy.pac file and we I tended only to get this issue if I _disabled_ the proxy altogether in IE. Perhaps that had something to do with IE not being able to work out zones correctly, and thus the WebClient wasn’t processing the authentication correctly. Not sure but this helped anyway.

    Just one thing, you mention to type in the whole URL of the site, however the article you mention ( http://support.microsoft.com/kb/941050 ) actually says you should only type in the server or domain name (or IP), with or without the protocol (http/s). I used just the site name (actually I wildcarded it) and that worked fine.

    Nice one!

    Like

  2. February 8, 2012 at 8:57 am

    Nice find, Nick. I guess I didn’t read the instructions closely enough ;). I didn’t realize I could use wildcards, either, which is pretty neat.

    Like

  1. July 7, 2015 at 11:32 am
  2. July 18, 2015 at 10:30 am

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: