NTLM Authentication

Administrators can utilize the NTLM authentication mechanism used by Windows operating systems to help authenticate users with WinGate.

This form of authentication requires the Operating System(Windows) database option to be in use in WinGate.

Both the WinGate Internet Client (WGIC) and Gatekeeper authentication methods support using NTLM.

Unfortunately it is not compatible with Java Authentication method.

To use NTLM with WGIC or GateKeeper Authentication:

  1. Make sure WinGate is set to use the Operating system Database(Windows) user database.
  2. Configure clients to use either WGIC Authentication or GateKeeper Authentication.
  3. Users will need to log in using a valid Username and password from the chosen Operating System database.
  4. Once authenticated in WinGate, users will appear on the Activity tab in GateKeeper as Authenticated NTLM.

Using Proxies with NTLM

Clients with browsers that support NTLM (Internet Explorer other Windows based browsers) when set to use a Proxy Server can be authenticated via NTLM with WinGate.

This can be useful in an Active Directory situation where group policy can be centrally set on the browser configuration settings (namely setting what the default proxy server (WinGate) is).

As this group policy can be set to affect all browsers across the network, it provides an easy implementation of authentication and control of Internet access without the need for individual client configuration, as all clients will now be authenticated via NTLM through WinGate.

To use NTLM with Proxy clients through WinGate:

On the Server:

  1. Open GateKeeper.
  2. Log on as Administrator.
  3. Select the WWW proxy service from the Services tab on the GateKeeper control panel.
  4. Select the General configuration.
  5. Under the Authentication where required by policies, select the NTLM checkbox.
  6. Select the Policy configuration.
  7. Click Add to add recipients to be affected.
  8. On the Recipient properties configuration General tab select User must be authenticated.
  9. Click OK
  10. Depending on requirements set the Default rights(System Policies) setting on the main Policy configuration window to are ignored.
  11. Click OK.

On the Client :

  1. Set the browser to use a Proxy Server (obviously the IP address of the WinGate Server)
  2. Depending on the browser used, you can set the browser security settings for user authentication to Use current Windows Username and Password. This will save the user having to enter their Username and password everytime the open a browser session. Obviously this must be a valid Windows user and password in the database that WinGate has been set to use.

Note:

Use of NTLM Authentication in the WWW Proxy is only available to WinGate 6 Pro and Enterprise

Additional Links

Search

Support

Documentation

Authorization

 
Forgot your password?
Register

Subscribe

Subscribe to company news