Windows authentication fails when using MS Edge browser

Windows authentication fails when using MS Edge browser

Issue

When installing Crash Magic Online on an agency server (rather than using our hosted service) you may opt to configure the system for “Windows Authentication.” Once configured, logins work when using Chrome or Firefox, but not using Microsoft’s Edge browser.

Explanation

Web sites using IIS can be configured to use Windows Authentication rather than “Anonymous” connections.  Configuring a site with this setting causes browsers accessing the site to prompt the user to enter their network login and password.  With Crash Magic set up in this manner, there is no need to use Crash Magic’s login form.  Your login is authenticated and provided to Crash Magic automatically.  Properly configured, you can even be rid of the prompt for the login and password, instead relying on the browser to pass your current Windows authentication directly to the server. This is often referred to as “Single Sign On” or SSO.  It’s pretty nifty when it works properly.

To be clear, this is not really functionality provided by the Crash Magic application. Crash Magic will respect that authentication and provide the automated login, but it is the browser plus the Windows IIS web server that is doing all the heavy lifting.  If you don’t get past the popup Windows Authentication dialog, focus on the browser and IIS.  Also, save yourself some headaches and test with Chrome or Firefox to see if everything is set up correctly before trying to get Edge working.

If Chrome and Firefox both work, but Edge doesn’t, this article is for you.

Solution

The solution to this problem is documented in a few locations.  We found this to be the most clear:

https://success.outsystems.com/Support/Enterprise_Customers/Troubleshooting/Issues_logging_in_with_Integrated_Authentication_in_Internet_Explorer_or_Edge

The web site above describes the details of the problem as well as a test and a solution.  Rather than re-type all of that, here is just the solution:

  1. Open IIS Manager.
  2. Select your site – the one controlling the authentication.
  3. Choose the “Authentication” icon.
  4. Since you’ve already tested Chrome and Firefox, we’ll assume that you have Windows Authentication enabled and the other methods disabled. Select Windows Authentication.
  5. In the side-bar on the right there will be a “Providers” option. Select that.
  6. In the Providers dialog, leave the NTLM option alone, but remove the NEGOTIATE provider.
  7. Restart IIS.

This should enable Edge to authenticate against your IIS server.

Was this article helpful?
3.4 out Of 5 Stars

21 ratings

5 Stars 33%
4 Stars 29%
3 Stars 5%
2 Stars 5%
1 Stars 29%
How can we improve this article?
How Can We Improve This Article?