NTLM auth. request while using Kerberos

User can surf with kerberos auth (member of allowed AD group) some minutes.

Then stoppt it with this request:

https://firewall.fqdn:8091/ntlmauth.html?2www.google.de

and empty page.

AD SSO is active.

No STAS, no Sophos endpoint.

Browser Edge.

Restart the browser lets work again until the next break.

Parents
  • Hi,

    NTLM :8091 of XG is not compatible with HTTPS. It should be analyzed why Edge tries to acess the redirect via HTTPS. Might be HSTS (e.g. when you access webadmin via the same FQDN on the same client, it generates Strict-Transport-Security headers) issue, it might also be another issue. You should be able to check that network captures (edge://net-export/) or developer console.

    I do not see how this is related to v19, though. I've seen this issue in v18 a couple of times already.

    Kind regards,

    cougz

Reply
  • Hi,

    NTLM :8091 of XG is not compatible with HTTPS. It should be analyzed why Edge tries to acess the redirect via HTTPS. Might be HSTS (e.g. when you access webadmin via the same FQDN on the same client, it generates Strict-Transport-Security headers) issue, it might also be another issue. You should be able to check that network captures (edge://net-export/) or developer console.

    I do not see how this is related to v19, though. I've seen this issue in v18 a couple of times already.

    Kind regards,

    cougz

Children