Written by:SuperUser Account
10.8.2010 14:35 
If you are using Sharepoint 2007 or older maybe you encounter a problem with different authentication method for extranet and intranet users of one Sharepoint site.
Note: I suppose you have defined Intranet (or default) and Internet zone in Alternate Access Mappings in Sharepoint Central Administration.
Problem:
How to set up Sharepoint to use Windows NTLM authentication for intranet users and basic authentication for extranet users?
Simple solution:
If you are using more than one zone in your Sharepoint application, you can configure a separate authentication method for each zone. As I wrote above we have for example two zones. The default zone is the zone used by internal employees and the Internet zone is configured for extranet access and uses basic forms authentication. Next go to Central Administration > Application Management > Authentication Providers and set a authentication provider you need for each zone.
So much easy :-), so let's go to next problem.
Problem:
How to set up Sharepoint to use Windows NTLM authentication for intranet users and basic authentication with pre-filled domain name for extranet users?
When users are grouped under some domain the standard practis is the domain users accesing to resource from domain is automatically authenticated. When domain users access to Sharepoint from extranet, they can login using username/password and not using full domain name "domain\username". Moreover backslash is quite doubtful mark for some non-latin keyboards and for mobile devices.
Solution:
To achieve this target you must:
1) Create a second virtual directory in IIS Web server and point this directory to the same location as your main Sharepoint virtual directory is targeted to:
2) For main virtual directory set bindings only for "intranet" URL and in authentication use only windows authentication and disable basic authentication.
3) For newly created virtual directory set bindings to your public URL and enable only basic authentication and set up default domain for this kind of authentication.
That's it. The result is the domain users accessing to the website from intranet is logged in automatically and extranet users are logged in to the Sharepoint by entering their username/password without entering a domain name.