Graham King

Solvitas perambulum

Internet Explorer not sending NTLM authentication

software
Summary
At work, we set up a Twiki and faced an issue where Internet Explorer (IE) would not send NTLM authentication, showing a login popup instead because our domain (mycompany.com) differed from the Twiki URL (othercompany.com). The solution was to add othercompany.com to IE's list of trusted sites by navigating to 'Tools' -> 'Internet Options' -> 'Security' -> 'Local Intranet' -> 'Sites' -> 'Advanced' and inputting the URL. This setup is necessary for any cross-domain NTLM authentication to indicate that the site can be trusted, ensuring IE sends the credentials.

At work we setup a Twiki, and Internet Explorer refused to send the NTLM authentication, instead it showed a login popup. The problem was that our Windows domain, say mycompany.com was different from the Twiki URL, which was othercompany.com.

The solution is to tell IE that othercompany.com is a trusted site. ‘Tools’ -> ‘Internet Options’ -> ‘Security’ -> ‘Local Intranet’ -> ‘Sites’ -> ‘Advanced’ and add it in there, this must start with http:// or https://

The problem and solution are explained here:

Apache::AuthCookieNTLM – NTLM (Windows domain) authentication with cookies

Note that this will be a problem not just with that Perl module, but with any cross-domain NTLM authentication. IE correctly refuses to give out your username as it doesn’t know it can trust the site.