I have the following problem regarding McAfee Web Gateway:
I have a lot of machines OUT of my Windows domain. Some of them have Windows 10 Anniversary Update 1607 installed.
On those machines, when using Google Chrome or Firefox, the user does not get prompted for username and password.
This information is sent in blank to Web Gateway (IE and Edge the prompt appears normally). Because of that, Web Gateway is failing to proccess those requests and users can't browse when using Chrome or Firefox.
So, in contact with McAfee Support, I reproduce the problem in my labs and their capture the traffic and show me whats was the problem.
I was using all the time the NTLM Authentication, and, after tests and traffic capture, after the proxy sent the NTLMSSP_CHALLENGE to the browser, google chrome of firefox won't send to the proxy the GET with the "NTLMSSP_AUTH, User". They just jump this request.
How the NTLM auth must occour normally
And how the NTLM Authentication was occour wihout the NTLMSSP_AUTH
I do a test using LDAP authentication, and the problem don't occour. Works fine, even with the Microsoft KB3189866 or KB3193494.
Again, to me, in the McAfee proxy, using the LDAP Authentication, it's work fine... Don't needed uninstall those KBs.
So, what I need to do is use the LDAP Authentication instead NTLM, and wait for Microsoft or the browsers company to fix this problem, because, to machine out of the domain in a large enterprise with remote sites, it's almost impossible to remove the KB and block his installation.
I'm still using NTLM for all the company, it's around 4000 hosts
I have only few machines have this problem, because it's personal notebook with Windows 10 1607, out of domain. So I used LDAP only for these computers using IP Address as "criteria". Of course, to this machines the IP Addres is static.