Forum Discussion
Integrated Authorization for Intranet Sites
soundman_ok As far as I can tell, command-line argument support for setting auth-negotiate-delegatewhitelist appears to have been removed from Chrome/Chromium some time ago. It does seem to be available as a policy. Do you know if your admins have set this policy? (It should appear if you visit chrome://policy/ in Chrome).
MicrosoftEdge on Mac also supports policy. I'd probably start by trying just com.microsoft.Edge.AuthServerWhitelist and if that doesn't work I can ask around.
Eric_Lawrence Thanks. I tried both com.microsoft.Edge and com.google.Edge to set AuthServerWhitelist and it did not stick.
Edit: I take it back. com.microsoft.Edge and com.microsoft.Edge.Canary work fine. I just had some issues with one specific intranet site, but others seem to be taking the SSO just fine.
- mkrugerAlso, I do want to point out that we changed the name of this policy from Chromium to AuthServerAllowlist.
From your edit, it sounds like you have discovered this if the policies were working for you, but I wanted to point this difference out.mkruger I have a new Mac and I installed Edge stable/prod release. I applied the following but the SSO prompt keeps coming ~once a day. Anything else I need to do?
mkruger - Thanks. This 'hint' lead me to realize the same is true of AuthNegotiateDelegateWhitelist. Edge Chromium is looking for AuthNegotiateDelegateAllowlist in Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge. Once my companie's domain suffix was added to that key in that location, pass-through authentication from chromium Edge through SSRS 2017 to SQL 2017 began to work as expected.
- mkrugerMFoster5879 great, I'm glad this helped. We are also working on some documentation around this and I will try and update this conversation when ready.
- Thanks!! Applied it with the new name too. All good 👍
- Do you mind sharing a sample plist?
