cancel
Showing results for 
Search instead for 
Did you mean: 
maitane
Level 7

NTLM-Agent authentication issues

Hello,

we are using 2 ntlm-agents (last available version) to preform authentication in our Proxy-HA environment. Although we have set Authentication Cache and Ntlm Cache both to 30min, it looks like every request performs authentication against each of the ntlm-agent. NTLM-agent itself is also configured with 30min cache.

auth.PNG

After performing auth twice (once per ntlm-agent), variable Authentication.Authenticate is set to true and content displayed.

Auth2.PNG

Is this the supossed behaviour? Shouldn't it skip those authentications as cache is enabled everywhere possible?

Thank you in advance,

maitane

0 Kudos
5 Replies
McAfee Employee

Re: NTLM-Agent authentication issues

Maitane,

this is expected as any request needs to be authenticated. Please find below the description from Product Guide:

Enable NTLM cache:

When selected, NTLM authentication information is stored in this cache.

Authentication is then based on this stored information, rather on

information retrieved from the Windows domain server.

Use authentication cache

When selected, authentication information is stored in a cache.

Authentication is then based on this stored information, rather than on

information retrieved from an authentication server or the internal user

database.

-Sergej

P.S.: This two authentication entries are related to NTLM Handshake not to your agents, please see more details in this article

0 Kudos
feickholt
Level 10

Re: NTLM-Agent authentication issues

How long will the entries be stored in the cache?

0 Kudos
McAfee Employee

Re: NTLM-Agent authentication issues

For the time period configured in "Authentication cache TTL" and "NTLM cache TTL".

-Sergej

0 Kudos
feickholt
Level 10

Re: NTLM-Agent authentication issues

Does TTL meant time after first appearance or after last?

Is it possible to dump the current cache values?

The 3 way handshake between client and proxy must done for each requests.

These values are only for caching the requests to the AD server???

0 Kudos
McAfee Employee

Re: NTLM-Agent authentication issues

Frank,

you're right this values are to reduce the traffic and requests sent to your AD. This detailed information will bring some light in the dark:

For the TLL start time I expect the first request. Based on my information it would otherwise never expire.

-Sergej

0 Kudos