How to enable Windows 7 single sign-on for a website using Windows authentication
Symptom
You visit an intranet website that uses Windows authentication with an IE browser on Windows 7 and expect to be logged in automatically with your current domain credentials. Instead, you are challenged for credentials. Once you enter credentials everything acts normally, but you expect a single sign-in scenario and it doesn't happen. If you visit the same URL with IE on another Windows OS within the domain, single sign-on works as expected.
Cure
A default local security policy in Windows 7 prevents LM and NTLM responses.
- Go to Local Security Policy > Security Settings > Local Policies > Security Options
- Select Network security: LAN Manager authentication level
- Change security setting to Send LM & NTLM responses
Related
- Another possible local security policy to try is Network security: Configure encryption types allowed for Kerberos. http://serverfault.com/questions/51747/windows-7-single-sign-on.
- How to enable NTLM single sign-on behaviour in Firefox: http://sivel.net/2007/05/firefox-ntlm-sso/.