Forum Discussion

fernandohcsilva's avatar
fernandohcsilva
Icon for Nimbostratus rankNimbostratus
Dec 11, 2017

Authentication NTLM client and server side

Is it possible to configure the APM module for NTLM client-side authentication with HTTP 401 Response and consume on server-side NTLM authentication?

 

We have a demand to configure client and server side with NTLM Authentication without HTTP Form, is there any configuration available in F5?

 

1 Reply

  • Hi,

     

    during NTLM authentication, server doesn't receive user password. so if you enable NTLM authentication on client side, F5 doesn't know user password to use it for server side authentication. it is not a F5 APM limitation but a NTLM proxy limitation. Microsoft TMG had the same limitation.

     

    when working with NTLM client side authentication, a password-less authentication must be used on server side. the one used in such deployment is Kerberos Contrained delegation (Kerberos SSO)