I have just spent two hours trying to get a Win7 machine with IE 9 to connect to the intranet, which uses CAS-JASIG with NTLM as single sign on service (only inside the company private network)
if you’re stuck in the same problem, do this:
of course… (this is imperative)
– in IE / Settings / Advanced settings, activate Integrated Windows Authentication
– in IE / Settings / Security, add the intranet URL to the trusted sites
but here comes the tricky part:
you will need to change your registry to force Win7 to allow authentication with old-fashioned NTLM servers 🙂 (do this at your own risk, this change solved my problem, but it could make your computer go nuts and destroy the human race)
using an editor (like NOTEPAD) make a .reg file with the following lines:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
“SuppressExtendedProtection”=dword:00000001[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
“LmCompatibilityLevel”=dword:00000002[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0]
“NtlmMinClientSec”=dword:00000000
“NtlmMinServerSec”=dword:00000000
Hope it helps. Maybe this will save you hours of headache reading Microsoft Knowledge Base. 🙂
Be First to Comment