I'm using the MWE 7, and I don't want my end user to have be promted to enter authentication notification to logon.
I want that the authoriz to be based on Windows session ID. (if the personne logon to windows, that okay, I just need to controle if he is on the group that have access to internet)
Is that possible? and how?
Thanks for your response.
Solved! Go to Solution.
I think the one you're using now is ok, just change it to try using NTLM, not NTLM-Agent.
Message was edited by: georgec on 10/3/12 10:46:22 AM CDT
Before doing this, you'll need to actualy create the NTLM Authentication Engine.
well, you can use the following:
- McAfee Client Proxy
It really depends on your browser for the first two if it knows how to pass ntlm/kerberos details to the proxy. Internet explorer works with both, but other browsers might have some problems with some kinds of authentication methods.
Thanks for your fast response.
Yes, I'm using NTLM for the authentication, and it work (but with prompting the user for his credential). I don't know how to tell MWG to look for username on IE and not prompting the user to enter it.
For McAfee Client Proxy, it's hard to install it on all machine (distance limite)
Not NTLM Agent, just NTLM. Make sure the web gateway is member of the domain under configuration/settings > domain membership(can't recall exactly the name of the tab).
Delete the domain controllers in the list. When you add it, you just need to add a domain membership name (what name the host will have in ad) and domain name.
If the spot stays green, then you can use NTLM authentication. NTLM agent reuires you to install a piece of software from the contentsecurity.mcafee.com portal. I'm not very familiar with that method of authentication.
No idea. I don't really have access to a console now, but if you manage to turn it green, that you`ll have to use NTLM authentication. You can test if it works by using a username and password fromt he domain and MWG will get you the groups that user is member of.