L
Lepingouin
Guest
Currently experiencing issues with configuring browsers to enable transparent and secure authentication on web servers without prompt. Working in a Windows 10 Pro environment and IE 11.
Turns out Mozilla is working just fine after editing network.automatic-ntlm-auth.trusted-uris with our SSO URL (sso.domain.com), but still can't make it work with IE and Chrome despite taking these steps:
Yet IE keeps prompting for credentials, and seems to be treating our SSO URL as inside the Internet zone.
SupportedUserAgents:
MSAuthHost/1.0/In-Domain MSIE 6.0 MSIE 7.0 MSIE 8.0 MSIE 9.0 MSIE 10.0 MSIE 11.0 MSIPC Windows Rights Management Client Mozilla/5.0 Edge/12 Chrome
Our IIS authentication is configured as such:
Anonymous Authentication is enabled with the IUSR
Enable Windows Authentication. In the the "Providers" NTLM is first.
Under Advanced Settings the Extended Protection is "Accept" and Enable Kernel-mode authentication is CHECKED.
Is there something I am missing?
Thanks,
More...
Turns out Mozilla is working just fine after editing network.automatic-ntlm-auth.trusted-uris with our SSO URL (sso.domain.com), but still can't make it work with IE and Chrome despite taking these steps:
- Adding the SSO URL to the Intranet zone
- Automatic logon in Intranet zone
- Enabling Enable Integrated Windows Authentication in Advanced settings Additionally I've enable via GPO "Allow updates to status bar via script"
Yet IE keeps prompting for credentials, and seems to be treating our SSO URL as inside the Internet zone.
SupportedUserAgents:
MSAuthHost/1.0/In-Domain MSIE 6.0 MSIE 7.0 MSIE 8.0 MSIE 9.0 MSIE 10.0 MSIE 11.0 MSIPC Windows Rights Management Client Mozilla/5.0 Edge/12 Chrome
Our IIS authentication is configured as such:
Anonymous Authentication is enabled with the IUSR
Enable Windows Authentication. In the the "Providers" NTLM is first.
Under Advanced Settings the Extended Protection is "Accept" and Enable Kernel-mode authentication is CHECKED.
Is there something I am missing?
Thanks,
More...