cancel
Showing results for 
Search instead for 
Did you mean: 
jivesh
Level 8

Intermittent NTLM authentication MWG 7.1.5

Jump to solution

We are using the NTLM authentication in our environment through the NTLM agent.

I am using the latest version of NTLM agent.

We have been encountering some intermittent issues with NTLM authentication.

It does not go through 20-30% of the time and would cause the browsing to fail.

With further investigation , i found that the authentication fails because the MWG sends a TCP RST to Agent.

Does anybody know if for each authentication request a new TCP connection is set up with the agent or the connection is established once and all further communication happens on the same session.

Also, has anybody else encountered this issue?

0 Kudos
1 Solution

Accepted Solutions
jivesh
Level 8

Re: Intermittent NTLM authentication MWG 7.1.5

Jump to solution

The issue was with the TCP connection timeout with the NTLM agent.

This value is hardcoded as 10ms in version 7.1.5 and in version 7.2.0 , this value has been changed to 3s.

Upgrading the version seems to have resolved the issue.

0 Kudos
5 Replies
asabban
Level 17

Re: Intermittent NTLM authentication MWG 7.1.5

Jump to solution

In the NTLM Agent configuration you can specify the maximum number of concurrent connections and threads per connection.

I would recommend to have a look at the error logs that MWG produces to see if there is any issue reported related to authentication. For this kind of issue always make sure that you file an SR with support, since a more in-depth analysis is most likely required to find the root cause.

Best,

Andre

0 Kudos
asabban
Level 17

Re: Intermittent NTLM authentication MWG 7.1.5

Jump to solution

Hello,

there is a chance that your problem is related to a known issue in MWG 7.1.5. You could proof this by turning off the encryption of the communication between MWG and the Agent temporarily. You need to do this on both ends, MWG (use secure Agent connection) and the Agent (use SSL).

Best,

Andre

0 Kudos

Re: Intermittent NTLM authentication MWG 7.1.5

Jump to solution

Hi

I also had TCP RST ans SSL renogotiation errors. The UI only logs the problem (red dot) after a while to outage can be quite long.

Its worse with intergrated authentication as browsers fails to basic confusing users as they dont enter the realm or are reprompted and lock out account thinking they mistyped.

NTLM-Agents work again after testing in the web interface.

Advised you to to move to NTLM.

Eric

0 Kudos
jivesh
Level 8

Re: Intermittent NTLM authentication MWG 7.1.5

Jump to solution

We are already using NTLM authentication

0 Kudos
jivesh
Level 8

Re: Intermittent NTLM authentication MWG 7.1.5

Jump to solution

The issue was with the TCP connection timeout with the NTLM agent.

This value is hardcoded as 10ms in version 7.1.5 and in version 7.2.0 , this value has been changed to 3s.

Upgrading the version seems to have resolved the issue.

0 Kudos