cancel
Showing results for 
Search instead for 
Did you mean: 

Default non-domain computers authentication

Hi everyone!

I can't solve one problem and I will be grateful, if you could help me.

I have domain infrastructure an one hundered non-domain computers. Also there is a kerberos/NTLM authentication on MWG.

And I need to do that if user uses non-domain computer he didn't get authentication prompt and authenticate authomaticly as any "default" user.

My authenticatiom policies is in attachement.

Thank you.

3 Replies

Re: Default non-domain computers authentication

Hi,

we use subnets or list of trusted IPs to identify systems without authentication. I guess authentication can not be done via NTLM/Kerberos for such non-domain PCs and proxy will use Basic authentication method so browser will display login dialog.

So, you can use "Client.IP is in range" or "Client.IP is in list" rule with stop ruleset action to bypass authentication.

Re: Default non-domain computers authentication

Thank you for your answer, I got your thought and also I have such algoritm as you described in production, but my task is to do, that no any prompts for non-domain users.It is customer requirment.

Thanks a lot.

McAfee Employee jscholte
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: Default non-domain computers authentication

How are you deployed?

You would need to use Try-Auth which is available in the ruleset library. This would only work for windows machines hitting the mwg over direct proxy. Mac or other devices would prompt because that's what they do

Best Regards,

Jon

ePO Support Center Plug-in
Check out the new ePO Support Center. Simply access the ePO Software Manager and follow the instructions in the Product Guide for the most commonly used utilities, top known issues announcements, search the knowledgebase for product documentation, and server status and statistics – all from within ePO.