Forum Discussion
NimbostratusSharePoint 2010/F5 authentication issue
Hi,
According to the network engineer, he had set up SharePoint 2010 using template within F5 and all is looking okay except one small issue where username/password prompt keeps asking for authentication. When ignored and URL is re-entered, the site works fine. It's not a permission related issue within SharePoint because this works if traffic is pointing directly to the web servers. NTLM is being used and from what I'm told this is also enabled on F5. We're also offloading SSL. This issue doesn't occur on other broswers but only occurs with IE. Checked all the related settings in IE for SharePoint and they all look good.
Any ideas would be much appreciated.
Thank you.
11 Replies
Michael_Koyfma1Cirrus
Check if NTLM/OneConnect profiles are assigned to the Virtual Server, and if so, remove them and see if the issue goes away.
JamesC_117578NTLM is enabled if this is what you mean? I have now disabled this but I'm still getting constant password prompt.
- Michael_Koyfma1Are NTLM profile/s and OneConnect profiles assigned? If so, please have them both removed from the VS. Then restart your browser and retest.
- JamesC_117578Just had a chat with our network engineer and he said that by saying no to NTLM option within iApp for SharePoint 2010, it takes the profile out of VS. OneConnect isn't being used or assigned.
- Hi James, if you remove all but one SharePoint server from the LTM pool, do you still see the problem?
thanks
Mike - JamesC_117578
Hi Mike,
There's only one server in the pool at the moment and yes I'm still getting the issue.
Many thanks.
- JamesC_117578Ok, I found another issue. Going through F5 child domain authentication isn't working. SharePoint isn't accepting credentials on child domain. Everything works when by passing F5.
- Kevin_Stewart
Employee
Can you do a Wireshark capture from the browser side? The browser is definitely getting a 401 response from the server, but curious what's in the Authorization header, and what the client is trying to do with it.
What's the difference between going through the F5 and going direct? Do you have an authentication/NTLM/OneConnect profile applied to the VIP? I know you've already answered for the last two, but just making sure. Is the URL different (as in domain name)? - JoeTheFifth
Altostratus
just a guess (I read that it works when bypassing the LTM), is the sharepoint site added to your IE intranet security zone? - JamesC_117578Ok, for some weird reason F5 has decided to work. We haven't made any changes to our configuration on both SharePoint and F5. We've been running this successfully for about a month now.
Thanks for all your help.
