Microsoft KB Archive/822458

From BetaArchive Wiki
Knowledge Base


Article ID: 822458

Article Last Modified on 12/3/2004


APPLIES TO

  • Microsoft Internet Explorer 6.0
  • Microsoft Internet Explorer 5.5
  • Microsoft Internet Explorer 5.01
  • Microsoft Internet Explorer 5.0
  • Microsoft Internet Explorer 4.5 128-Bit Edition



SYMPTOMS

After you type your credentials to use a proxy server to view a Web site, you may be prompted to type your credentials again.

CAUSE

This problem may occur if you use Windows NT LAN Manager (NTLM) authentication with more than one proxy server. Microsoft Internet Explorer does not support NTLM authentication with more than one proxy server where NTLM authentication is required on each proxy server. The NTLM authentication on the first proxy server in the chain succeeds, but when the proxy server sends a "407 Proxy authentication required" response, the user is prompted for credentials. This problem occurs with any proxy server product regardless of the manufacturer.

WORKAROUND

To work around this problem, configure NTLM authentication on the downstream proxy server in the chain, and configure the downstream proxy server in the chain to pass credentials to the upstream proxy servers.

Microsoft ISA Server

If you use Microsoft Internet Security and Acceleration (ISA) Server, follow these steps to configure the downstream ISA Server-based server to pass credentials upstream:

  1. Click Start, point to All Programs, point to Microsoft ISA Server, and then click ISA Management.
  2. Expand Servers and Arrays, expand Your_Server_Name, expand Network Configuration, and then expand Routing.
  3. Right-click the routing rule that you want to configure, and then click Properties.
  4. Click the Action tab, click Routing them to a specified upstream server, and then click Settings.
  5. In the Server or array box, type the name or the IP address of the upstream server.
  6. In the Port box, type the port number that the upstream server uses to listen for Hypertext Transfer Protocol (HTTP) requests. Typically, this is port 8080.
  7. In the SSL Port box, type the port number that the upstream server uses to listen for Secure Sockets Layer (SSL) requests. Typically, this is port 8443.
  8. Click OK two times.

For more information about how to configure routing on ISA Server, visit the following Microsoft TechNet Web site:

http://www.microsoft.com/resources/documentation/isa/2000/enterprise/proddocs/en-us/isadocs/cmt_h_routeroute.mspx


Third-party proxy server

If you use a third-party proxy server in the chain of proxy servers, you must follow the steps that your proxy server manufacturer gives you to configure the downstream proxy server in the chain to pass credentials to the upstream proxy servers.

Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information. For information about how to contact your proxy server manufacturer, click the appropriate article number in the following list to view the article in the Microsoft Knowledge Base:

65416 Hardware and software vendor contact information, A-K

60781 Hardware and software vendor contact information, L-P

60782 Hardware and software vendor contact information, Q-Z


STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

Keywords: kbbug kbprb KB822458



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/822458&oldid=196327
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki