|05 Mar 2016||#1|
IE11 secutity zones + Kerberos SSO
I meet a strange problem with IE to access from the web a public URL with Kerberos SSO enabled for LAN acces (of course, SSO can't work for external access).
A single URL is wanted for internal (LAN) and external(web) access.
O/S: Windows 7
Browsers: IE11 + Firefox 44
O/S: Windows Server 2012 R2
Web server: Tomcat 7
Windows AD : 2012
Kerberos + SSO
# URL to access web portal with HTTPS/TLSv1.2: 2 existing FQDN
Public FQDN: xyz.corp.fr (reachable from web)
Internal FQDN: a-b-xyz.corp.fr and a-b-xyz.corp.local (reachable from LAN)
Notebooks have to access web portal from LAN or web (roaming users).
For both LAN and web access, only one public URL is wanted to access web portal: https://xyz.corp.fr .
From LAN, to get SSO with IE11, I just have to add https://xyz.corp.fr in "Local intranet" securitiy zone.
But if the notebook is connected from the web, the URL https://xyz.corp.fr does not work ("This page can't be displayed") !
To solve this problem, I have to move https://xyz.corp.fr to "Trusted sites" security zone of IE or at least delete the URL from "Local Intranet" zone.
Then, if the notebook have to connect from LAN, SSO does not work anymore since https://xyz.corp.fr is no more in "Local Intranet" security zone.
NB: - no problem with Firefox 44 that does not use "security zones" concept
- problem got on 4 different PC under W7
- no problem under W8.1
Is it possible to use a single URL for external (web) and internal (LAN) access ?
If yes, how ?
Thanks in advance.
I can provide you more info if needed.
|My System Specs|
|Similar help and support threads|
How do I integrate Kerberos with Windows Explorer?
Hi, I have a Windows 7 Home Premium x64 installation (i.e. one that does not attach to a domain) that needs to talk to a Samba share in a Kerberized (not AD) environment. I have setup "Kerberos for Windows 4.0.1" and "Network Identity Manager 220.127.116.117" and they are successfully able to...
Time Zones - Restore Missing Default Time Zones
How to Restore Missing Default Time Zones in Windows 7 This will show you how to restore the default times zones in Windows 7 for when the Change time zone button does not work or you have missing time zones when trying to change the time zone. You must be logged in as an administrator to...
Hi Guys I am curious to hear what you think of using Windows internet security, would you trust it alone to protect your computer from the evils of the internet. I have heard conflicting reports and would appreciate any advice. Thanks
Kerberos Authentication to UNIX from Windows 7 OS
Hi, I am testing Windows 7 OS in our domain and found that Kerberos authentication to UNIX domain from Windows 7 is not working. It is prompting for a password everytime I connect to a unix host and not going throuh pass-through authentication. This works perfectly fine on Windows XP OS in our...
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
© Designer Media Ltd
All times are GMT -5. The time now is 00:21.