Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ldap Authentication Transparency

Hi does anyone know if the content engine allows users to transparently authenticate using ldap through the browser. The NTLM method states that you can log onto a domain and web requests willbe authenticated without popup windows. Can you get the same to work with LDAP?

I have LDAP working at the moment as it authenticates users all the time. But I would like it only to popup a window if a user has not logged onto the domain.

1 REPLY
New Member

Re: ldap Authentication Transparency

No, basically the answer is Internet Explorer supports the use of pass through NTLM from the base operating system (XP/2000), no such method exists for LDAP (ADS) as it relies on the Kerberos tokens being issues and recognised by the the proxy device which the CE's currently don't support. You can do LDAP/ADS authentication if your using websense on box by relying on the Websense LDAP/ADS authentication which does work.

I did a fare amount of digging on this before I recieved confirmation that its not supported. The other potential gotcha is 2003 Server uses NTLMv2 by default if you plan on using that root. In the end my customer was happy to stick with the popup box as a potential security measure.

Mark

217
Views
0
Helpful
1
Replies
CreatePlease login to create content