How to stop authentication prompt

Answered Question
Apr 2nd, 2012

When opening a browser we are getting prompted for username password? I thought by changing the settings in the browser to automatic logon with current username and password would do just that... use cached credentials, so we wouldn't get prompted. How do we fix this?

Thanks

Mike

I have this problem too.
0 votes
Correct Answer by kstieers1 about 2 years 1 week ago

Make sure the realm is set up as NTLMSSP or NTLMSSP and Basic, then make sure the identity that your users are hitting in Web Security Manager>Identities is the same.

Also make sure that the hostnames that your interfaces have are in your AD domain’s dns zone. I also make sure my internal dns zone is added to their Local Intranet zone in IE.

  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 5 (1 ratings)
kstieers1 Mon, 04/02/2012 - 11:20

Which browser are you using? 

IE, Chrome 8.0 and newer, Opera 9.01 or later all support NTLM/Negotiate

Safari should work, once you're auth'd to the domain.

Firefox needs some stuff set...

Did you configure an AD realm on the Network/Authentication page?

There's a Test on the realm page, what does it return?

phretbuzz Mon, 04/02/2012 - 11:23

At this time just worried about IE and Firefox. The AD Realm is configured and working. I've run the test and it's succesful and when I open a browser it prompts for username/password. If I type this in it works... however I don't want it to prompt I just want it to used cached credentials.

THanks

Correct Answer
kstieers1 Mon, 04/02/2012 - 11:38

Make sure the realm is set up as NTLMSSP or NTLMSSP and Basic, then make sure the identity that your users are hitting in Web Security Manager>Identities is the same.

Also make sure that the hostnames that your interfaces have are in your AD domain’s dns zone. I also make sure my internal dns zone is added to their Local Intranet zone in IE.

phretbuzz Mon, 04/02/2012 - 11:57

Ok I had it configured for LDAP. I've removed that and configured my AD as NTLMSSP. I configured my identifies again for the change. Now it doesn't prompt, it just fails with "a valid user id and password must be entered when prompted" (never prompted). It did prompt with LDAP but not with the new config.

Another thing that I find odd is that I configued the hostname; ironportcf.domain.com... however it says "Authentication is requried to access the requested web site (mgmt.ironportcf.domain.com)... now I entered another DNS record for the mgmt but I don't see that defined anywhere on my box. The only hostname I have is ironportcf.domain.com. Why would it be looking for mgmt...

phretbuzz Mon, 04/02/2012 - 12:18

OK... I have it working now with the NTLMSSP... and I'm not sure if that change was neccesary or not. However I changed my surrogate from cookie to IP... which kind of sucks. But it looks like it's only working with IP. Anyone know why?

Actions

Login or Register to take actions

This Discussion

Posted April 2, 2012 at 11:00 AM
Stats:
Replies:5 Avg. Rating:5
Views:602 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard