cancel
Showing results for 
Search instead for 
Did you mean: 
m.guermellou
Level 7

Authentication Windows

Jump to solution

I'm using the MWE 7, and I don't want my end user to have be promted to enter authentication notification to logon.

I want that the authoriz to be based on Windows session ID. (if the personne logon to windows, that okay, I just need to controle if he is on the group that have access to internet)

Is that possible? and how?

Thanks for your response.

0 Kudos
1 Solution

Accepted Solutions
georgec
Level 13

Re: Authentication Windows

Jump to solution

I think the one you're using now is ok, just change it to try using NTLM, not NTLM-Agent.

Message was edited by: georgec on 10/3/12 10:46:22 AM CDT

Before doing this, you'll need to actualy create the NTLM Authentication Engine.

Message was edited by: georgec on 10/3/12 10:50:36 AM CDT
0 Kudos
11 Replies
georgec
Level 13

Re: Authentication Windows

Jump to solution

well, you can use the following:

- kerberos

- ntlm

- McAfee Client Proxy

It really depends on your browser for the first two if it knows how to pass ntlm/kerberos details to the proxy. Internet explorer works with both, but other browsers might have some problems with some kinds of authentication methods.

0 Kudos
m.guermellou
Level 7

Re: Authentication Windows

Jump to solution

Thanks for your fast response.

Yes, I'm using NTLM for the authentication, and it work (but with prompting the user for his credential). I don't know how to tell MWG to look for username on IE and not prompting the user to enter it.

For McAfee Client Proxy, it's hard to install it on all machine (distance limite)

0 Kudos
georgec
Level 13

Re: Authentication Windows

Jump to solution

Maybe it's something from the ruleset. Can you post the authentication rules?

0 Kudos
m.guermellou
Level 7

Re: Authentication Windows

Jump to solution

I just used the Try-Auth from the library, and changed the "User Database" by my "NTLM" (I'm using the NTLM Agent authentication method)

0 Kudos
georgec
Level 13

Re: Authentication Windows

Jump to solution

Not NTLM Agent, just NTLM. Make sure the web gateway is member of the domain under configuration/settings > domain membership(can't recall exactly the name of the tab).

0 Kudos
m.guermellou
Level 7

Re: Authentication Windows

Jump to solution

On the Windows Domain Membership, it shows me a green spot on Status, after few minutes it's turn red.

I'm using 2008 Domain Controler.

0 Kudos
georgec
Level 13

Re: Authentication Windows

Jump to solution

Delete the domain controllers in the list. When you add it, you just need to add a domain membership name (what name the host will have in ad) and domain name.

If the spot stays green, then you can use NTLM authentication. NTLM agent reuires you to install a piece of software from the contentsecurity.mcafee.com portal. I'm not very familiar with that method of authentication.

George

0 Kudos
m.guermellou
Level 7

Re: Authentication Windows

Jump to solution

What ever I do, It turn red.

Is there something to do on my 2008 Server?

0 Kudos
georgec
Level 13

Re: Authentication Windows

Jump to solution

No idea. I don't really have access to a console now, but if you manage to turn it green, that you`ll have to use NTLM authentication. You can test if it works by using a username and password fromt he domain and MWG will get you the groups that user is member of.

George

0 Kudos