Forum Discussion
Stanislas_Piro2
Dec 25, 2017Cumulonimbus
Hi,
the issue is client still try to authenticate because of 401 response.
NTLM auth is done before Access policy is evaluated, so it never follow fallback branch.
NTLM auth result is not a NTLM auth action but a validation of NTLM auth performed at LTM level.
try with following code to disable NTLM auth if first attempt fails.
when ECA_REQUEST_DENIED {
log local0. "User [ECA::username]@[ECA::domainname], Client Machine [ECA::client_machine_name], Auth Status [ECA::status]"
ECA::disable
}