Requirement for IIS Basic Authentication role/service
We are working on an FNMS implementation and getting some push back from IT security on enabling IIS basic authentication with PCI compliance in scope.
Web Server > Security > Basic Authentication (page 88 of install guide)
Web Server > Security > Windows Authentication
Anyone have details on specific details/functionality for requirement of basic authentication and a method to possibly disable?
Re: Requirement for IIS Basic Authentication role/service
If your environment is sufficiently tight that Windows Authentication will be able to be used for all the FlexNet Manager Suite virtual directories that get configured and used on the application server then I think you would be able to avoid installing the Basic Authentication feature. It is typical to use Windows Authentication on virtual directories, so that isn't too unusual.
What is slightly more unusual is not actually having the Basic Authentication feature installed as per the Installation Guide (even if it isn't actually used/enabled on any virtual directories), so you may want to do an install on a test system to verify that it is going to work and look out for any challenges. It is possible that there might be something in the installation process that expects the feature to be installed.