Microsoft KB Archive/923766

From BetaArchive Wiki
< Microsoft KB Archive
Revision as of 17:32, 18 July 2020 by 3155ffGd (talk | contribs) (importing KB archive)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Knowledge Base


A client computer may not be authenticated by ISA Server 2004 when you use integrated Windows authentication

Article ID: 923766

Article Last Modified on 12/4/2007



APPLIES TO

  • Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition
  • Microsoft Internet Security and Acceleration Server 2004 Standard Edition



SYMPTOMS

Consider the following scenario:

  • A Web proxy client computer tries to connect to a Web site through a computer that is running Microsoft Internet Security and Acceleration (ISA) Server 2004.
  • ISA Server is configured to request integrated Windows authentication from the client computer.
  • The client computer uses the HTTP 1.0 protocol to send connection requests to ISA Server.

In this scenario, the client computer may not be authenticated by ISA Server. Additionally, the client computer is repeatedly prompted to provide credentials or receives authentication error messages.

Note This problem may occur when the client computer tries to connect to either secure (HTTPS) Web pages or non-secure (HTTP) Web pages.

CAUSE

This problem occurs if the client computer does not send connection requests that contain either a "Proxy-Connection: Keep-Alive" header or a "Connection: Keep-Alive" header to ISA Server. If a request that uses the HTTP 1.0 protocol does not contain either a "Proxy-Connection: Keep-Alive" header or a "Connection: Keep-Alive" header, ISA Server closes the connection during the authentication process.

Integrated Windows authentication is a session-based authentication method that requires the whole authentication process to occur over the same connection without any disconnects.

Note This problem typically occurs when you use integrated Windows authentication. This problem may not occur when you use other authentication methods, such as basic proxy authentication.

RESOLUTION

To resolve this problem, install the hotfix that is described in the following Microsoft Knowledge Base article:

923767 Description of the ISA Server 2004 hotfix package: August 15, 2006


STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

Keywords: kbtshoot kbqfe kbprb KB923766