Knowledge Base Article: Allow AD Credentials to be sent via browsers in Firefox and Internet Explorer

Allow AD Credentials to be sent via browsers in Firefox and Internet Explorer


integrated authentication firefox active directory web interface AD ntlm uris Internet Explorer url browser browsers portal

HelpMaster > Web Portal > Configuration

Web Portal

14/08/2007 11:25:38 AM

6/02/2018 11:16:31 AM


When using Windows integrated authentication for the web portal login, without additional configuration of your browser Windows may prompt for Active Directory credentials. After entering your credentials the login succeeds. (If the Windows Security challenge login screen continues to come up even after entering correct Active Directory credentials then the problem is a different issue. In this case see the attached Knowledge Base article under "See Also Link" above.)


You will need to add the host for the web portal to a list of accepted hosts (Trusted Sites) to supply Active Directory credentials, and in Internet Explorer also change the user authentication logon mode.

Internet Explorer and Google Chrome

For both Internet Explorer and Google Chrome the IIS server host name needs to be added to the zone that is being detected in Internet Explorer. You can check which zone it is by first successfully logging in manually with Internet Explorer and then it will be displayed in the Internet Explorer status bar on the bottom RHS. After determining which zone is being used, that zone needs to be modified to trust the site (IIS server host) and allow the current AD user login to be passed through to the web portal. If it comes up as the "Internet" zone then modify the "Trusted Sites" zone, if "Local intranet" then modify that zone as follows;

1. Open IE's 'Internet Options' from the 'Tools' menu and click on the 'Security' tab,
2. Click on the zone being used (or "Trusted Sites" for "Internet" zone) and then click the "Sites" button (and then "Advanced" if modifying the "Local intranet" zone),
3. Add your HelpMaster server name and IIS Host Name e.g. 'webserver' and/or FQDN e.g. '' to the 'Websites:' list,
4. Now click on the 'Custom level...' button and scroll to the bottom of the 'Settings' list,
5. Under 'User Authentication'>'Logon', select the 'Automatic logon with current user name and password' option. The default setting 'Automatic logon in Intranet zone' will only work if the zone being used is the "Local intranet" zone so change this if Internet access is granted to the HelpMaster Web portal.

Save the above change, close IE and then reopen and browse to the http(s)://[ServerName]or[HostName]/[VirtualDirectory]/Winlogin.aspx page for HelpMaster v16 and below, or for HelpMaster v17 and above http(s)://[ServerName]or[HostName]/Winlogin/hm.login. Set up a Favourite or Bookmark to the previous page for future AD logins.


This is outside the scope of the ordinary configuration pages that are available in Firefox, and therefore must be configured outside of the normal "Options" pages.

1) Open your Firefox browser,

2) In the address bar type 'about:config' and hit enter,

3) In the filter, type 'auth' and hit enter,

4) Locate the entry 'network.automatic-ntlm-auth.trusted-uris', double click on this entry and add the HostName to the "Value" property where HostName is either the machine name or the designated IIS [HostName] of the Web Server serving the HelpMaster requests. For instance, if the web portal is hosted at, add '' to the list. Multiple items may be added using a comma (,) separator.


This should allow the automatic passing of logged on network credentials, which is required if Active Directory integration is to be enabled for the HelpMaster Pro Web Portal (otherwise the user will still be prompted for a login with every new session to that page).

NOTE: For Administrators to apply this setting organisation wide, in Internet Explorer you can deploy these settings via Domain Group Policy. For Firefox you will need to find another way to deploy this setting to all relevant users.