본 사이트는 여러분의 사용자 경험을 개선하기 위해 유지 보수를 진행하는 동안 기능이 제한됩니다. 도움말로 문제가 해결되지 않고 질문을 하고 싶다면 Twitter의 @FirefoxSupport 및 Reddit의 /r/firefox 채널을 활용하세요.

Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

NTLM Authentication issue

  • 5 답장
  • 1 이 문제를 만남
  • 1 보기
  • 최종 답변자: haley.lowery

more options

The passing of Windows credentials into our homepage using a mozilla.cfg file isn't working properly and I can't figure out why. I know Firefox is reading the config file because the homepage is correctly pointed. However I have edited the following settings to:

lockPref("network.automatic-ntlm-auth-allow-proxies", true); lockPref("network.automatic-ntlm-auth-trusted-uris", "servername.domain.corp"); lockPref("network.negotiate-auth-allow-proxies", true); lockPref("network.negotiate-auth-delegation-uris", "servername.domain.corp");

This is what the settings are for the homepage: //set intranet as home page lockPref("browser.startup.homepage", "https://servername.domain.corp"); lockPref("browser.startup.homepage_override.mstone", "ignore");

When I open firefox it directs to our homepage, however it prompts for credentials. Am I missing something?

The passing of Windows credentials into our homepage using a mozilla.cfg file isn't working properly and I can't figure out why. I know Firefox is reading the config file because the homepage is correctly pointed. However I have edited the following settings to: lockPref("network.automatic-ntlm-auth-allow-proxies", true); lockPref("network.automatic-ntlm-auth-trusted-uris", "servername.domain.corp"); lockPref("network.negotiate-auth-allow-proxies", true); lockPref("network.negotiate-auth-delegation-uris", "servername.domain.corp"); This is what the settings are for the homepage: //set intranet as home page lockPref("browser.startup.homepage", "https://servername.domain.corp"); lockPref("browser.startup.homepage_override.mstone", "ignore"); When I open firefox it directs to our homepage, however it prompts for credentials. Am I missing something?

모든 댓글 (5)

more options

The NTLM SSP is used in the following situations:

The client is authenticating to a server that doesn't belong to a domain or no Active Directory domain exists (commonly referred to as "workgroup" or "peer-to-peer") The server must have the 'Password protected sharing' feature enabled, which is not enabled by default and which is mutually exclusive with HomeGroup on some versions of Windows. When server and client both belong to the same HomeGroup, a protocol similar to Kerberos, Public Key Cryptography based User to User Authentication will be used instead of NTLM. HomeGroup is probably the easiest way to share resources on a small network, requiring minimal setup, even compared to configuring a few additional users to be able to use Password protected sharing, which may mean it is used much more than Password protected sharing on small networks and home networks. If the server is a device that supports SMB, such as NAS devices and network printers, the NTLM SSP may offer the only supported authentication method. Some implementations of SMB or older distributions of e.g. Samba may cause Windows to negotiate NTLMv1 or even LM for outbound authentication with the SMB server, allowing the device to work although it may be loaded with outdated, insecure software regardless of whether it were a new device. If the server is a member of a domain but Kerberos cannot be used. The client is authenticating to a server using an IP address (and no reverse name resolution is available) The client is authenticating to a server that belongs to a different Active Directory forest that has a legacy NTLM trust instead of a transitive inter-forest trust Where a firewall would otherwise restrict the ports required by Kerberos (typically TCP 88)

글쓴이 xXxY34R_xXx_Z3R0xXx 수정일시

more options

We have the windows account setup to authenticate to our intranet page in Chrome. I shouldn't need to adjust the server different for Firefox, should I?

more options

Configuring Firefox to allow silent authentication By default, Firefox supports prompted NTLM authentication. To enable silent NTLM authentication, you first need to configure the browser to trust sites. To enable silent NTLM authentication in Firefox: 1 Open Firefox. 2 Type about:config as the target URL. 3 Type ntlm in the Filter field. 4 Open network.automatic-ntlm-auth.trusted-uris. 5 Type a comma-separated list of partner URLs or domain names as string values, then click OK. For example, type http://server1.mydomain.com,https://server1.mydomain.com then click OK. Note For security reasons, make this list as restrictive as possible. Although the Mozilla Firefox Web browser supports negotiated (SPNEGO) authentication, this support is not enabled by default. To enable silent SPNEGO authentication for the Firefox browser, you first need to configure the browser to trust sites. To enable silent SPNEGO authentication in Firefox: 1 Open Firefox. 2 Type about:config as the target URL. 3 Type neg in the Filter field. 4 Open network.negotiate-auth.delegation-uris, type a comma-separated list of partner URLs or domain names, for example, http://server1.mydomain.com,https://server1.mydomain.com and click OK. Note For security reasons, make this list as restrictive as possible. If your Web server uses SSL, be sure to include https:// in the string. 5 Open network.negotiate-auth.trusted-uris, type a comma-separated list of partner URLs or domain names, for example, http://server1.mydomain.com,https://server1.mydomain.com and click OK.

more options

The URLs that I need are listed in my about:config file and I posted them as contents of my config file in my initial question.

more options

Any other help the community could provide on this one?