04-02-2012 11:00 AM
When opening a browser we are getting prompted for username password? I thought by changing the settings in the browser to automatic logon with current username and password would do just that... use cached credentials, so we wouldn't get prompted. How do we fix this?
Thanks
Mike
Solved! Go to Solution.
04-02-2012 11:38 AM
Make sure the realm is set up as NTLMSSP or NTLMSSP and Basic, then make sure the identity that your users are hitting in Web Security Manager>Identities is the same.
Also make sure that the hostnames that your interfaces have are in your AD domain’s dns zone. I also make sure my internal dns zone is added to their Local Intranet zone in IE.
04-02-2012 11:20 AM
Which browser are you using?
IE, Chrome 8.0 and newer, Opera 9.01 or later all support NTLM/Negotiate
Safari should work, once you're auth'd to the domain.
Firefox needs some stuff set...
Did you configure an AD realm on the Network/Authentication page?
There's a Test on the realm page, what does it return?
04-02-2012 11:23 AM
At this time just worried about IE and Firefox. The AD Realm is configured and working. I've run the test and it's succesful and when I open a browser it prompts for username/password. If I type this in it works... however I don't want it to prompt I just want it to used cached credentials.
THanks
04-02-2012 11:38 AM
Make sure the realm is set up as NTLMSSP or NTLMSSP and Basic, then make sure the identity that your users are hitting in Web Security Manager>Identities is the same.
Also make sure that the hostnames that your interfaces have are in your AD domain’s dns zone. I also make sure my internal dns zone is added to their Local Intranet zone in IE.
04-02-2012 11:57 AM
Ok I had it configured for LDAP. I've removed that and configured my AD as NTLMSSP. I configured my identifies again for the change. Now it doesn't prompt, it just fails with "a valid user id and password must be entered when prompted" (never prompted). It did prompt with LDAP but not with the new config.
Another thing that I find odd is that I configued the hostname; ironportcf.domain.com... however it says "Authentication is requried to access the requested web site (mgmt.ironportcf.domain.com)... now I entered another DNS record for the mgmt but I don't see that defined anywhere on my box. The only hostname I have is ironportcf.domain.com. Why would it be looking for mgmt...
04-02-2012 12:18 PM
OK... I have it working now with the NTLMSSP... and I'm not sure if that change was neccesary or not. However I changed my surrogate from cookie to IP... which kind of sucks. But it looks like it's only working with IP. Anyone know why?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide