Questions

NTLM Authentication with Internet Explorer

+
0 Votes
Locked

NTLM Authentication with Internet Explorer

ScarF
I have a weird problem when trying to authenticate to a Sharepoint server - located in the Internet - with Internet Explorer.
Locally, we use MS SBS as domain controller, and MS Windows XP SP3 clients. All users authenticate against the local domain, and all the workstations are part of this domain. We don't access the Internet through Proxy.
The remote Sharepoint server requires NTLM and Basic Authentication.
Symptom:
When trying to access the website using IE8, I am asked for the username and password. I enter the information in format DOMAIN\USERNAME, as provided by the website's administrator. The server returns 401, without any other substatus code.

Troubleshooting:
Eventually, using MS NetMon3, I found the following 4 HTTP frames:
1. Request from browser to access the page
2. Response from server with 401 and the offer for two authentications realms: NTLM and Basic
3. Request from browser with NTLM authentication
4. Response from server with 401

Weird is that the frame #3 doesn't contain the username and password, as it should.
This made me aware that the problem resides on our end, and IE is restricted in sending NTLM data over the Internet.

What I?ve tried so far:
1. I changed GPOs:
- for the domain controllers, I changed "Network Security: LAN Manager authentication level" from "Send NTLM response only" to "end LM & NTLM - use NTLMv2 session security if negotiated"
- for the client computers, I changed "Network Security: LAN Manager authentication level" from "Not Defined" to "Send LM & NTLM - use NTLMv2 session security if negotiated"
2. I changed IE8 Options as follows:
- I added the website in "Trusted Sites" in the IE8 Options
- I tried different security levels for Trusted Sites (from Low to High)
- I unchecked "Use HTTP 1.1 through proxy connections" in Advanced Options
- I checked and unchecked "Enable Integrated Windows Authentication" in Advanced Options
- I tried all the settings for "Internet Options-Security - Trusted Sites - User Authentication - Logon"

Nothing worked. The frame #3 is still missing the username and password.

Now, I would really appreciate some help from the community. Thank you in advance.