This HowTo will describe how to enable NTLM authentication (Single Sign-On) in Firefox.
How many of you have noticed that when you are using Internet Explorer and you browse to your companies intranet page that it will automatically authenticate you but when you use Firefox you will be prompted with a login box?
I recently, in searching for solutions to allow NTLM authentication with Apache, stumbled across how to set a preference in Firefox that will pass the NTLM authentication information to a web server. The preference is network.automatic-ntlm-auth.trusted-uris.
So how do you do it?
1) Open Firefox and type “about:config” in the address bar. (without the quotes of course)
2) In the ‘Filter’ field type the following “network.automatic-ntlm-auth.trusted-uris”
3) Double click the name of the preference that we just searched for
4) Enter the URLs of the sites you wish to pass NTLM auth info to in the form of:
http://intranet.company.com,http://email.company.lan
5) Notice that you can use a comma separated list in this field.
6) Updated: I have created VBScript that can be used to insert this information into a users prefs.js file by using group policy or standalone if for some reason you want to use it for that.
The script is available to be downloaded here.
After downloading the script you will want to extract it from the ZIP archive and then modify the line starting with strSiteList.
NOTE: This script will not perform its function if the user has Firefox open at the time the script is executed. Running the script through group policy will work without problem unless for some reason your group policy launches Firefox before the execution of this script.
You can read through the rest of the script for additional information. If you have questions, comments or concerns please let me know.
Good clear instructions.
Pingback: Enabling NTLM Authentication (Single Sign-On) in Firefox | Sivel.net
Now can you get it to pass kerberos auth?
Pingback: Podcast #5 - stackoverflow
Pingback: Mind Gravy » Blog Archive » links for 2008-05-23
network.automatic-ntlm-auth.trusted-uris seems to be removed in firefox 3…
@Sol: I just checked and that configuration is indeed still in Firefox 3.
@Sol: you probably mistyped something. Just use “ntlm” as your filter, there will only be three or four results, and the trusted-urls one is definitely in there in FF3.
Thanks. Works on FF 3
This is amazing, thanks so much. I already deployed it to my whole company
This is great help to use without authentication at work.
It bumped up before. now I am happy with this solution.
Thanks!
I have made the entry in “about:config”. I still have to provide my user credentials.
preference name:= network.automatic-ntlm-auth.trusted-uris
value:= http://microsoft.com/team_mate
the site still prompts me for credentials.
That value can only contain http://microsoft.com without the trailing slash and without additional parts of the url appended.
Hey Matt!
do you have a copy of the Script that is created? the link have been removed.
Best Regrds
Ronny
Pingback: How To Enable Firefox to Login Automatically to Intranet Servers – Yanachik.org
Hi,
is there any chance to get a hand on this great VBS? the link is down.
Since
Ron
The link has been fixed. http://cdn.sivel.net/f/i/firefox_ntlm_preference_conf.zip
Thx Matt! :)
//Ronny
Ronny,
is it possible for u to send me the ntml-script for firefox. The link is down again and I need it badly ;)
Regards
Tom-Erik
Norway
Sorry to bother, I did manage to download now…
Would there be a problem if https is used? I’m setting the value for our sharepoint server (IT set it up with https for both internal and external) and am still prompted for credentials… Argh.
I am at the same problem right now, but i can’t find a way around. Any new suggestions?
I enabled network.automatic-ntlm-auth.trusted-uris and added http://support.therocksandiego.org but it still prompts me for a user/pass when I enable single-signon in the support application. Works fine in IE. Any thoughts?
p.s. Its the new firefox 3.5.5
@Merle Reine,
Instead of putting the whole url in the field, try just putting the domain. Instead of:
http://support.therocksandiego.org
put in:
therocksandiego.org
That’s the format I use for our intranet and it auto authenticates for me just fine.
This addon makes managing the list of URLs even easier:
https://addons.mozilla.org/en-US/firefox/addon/13816/
I have Firefox login to SharePoint working from a Windows machine. But Firefox with the same settings on Linux just goes into an infinite loop of asking for authentication. Has anyone figured out how to get NTLM to work from Linux?
OK, I finally found the magic combination. After setting network.automatic-ntlm-auth.trusted-uris as above, in IIS I had to have only ASP.NET Impersonation and Basic Authentication enabled. I had to disable Windows Authentication. With this setup, I get automatic authentication from Firefox/Linux, but now I have to provide username/passwd for IE/Windows! Looks like I may end up with two incarnations of the same server, to handle different authentication schemes.
SharePoint 2007/IIS 7/Windows 7
Firefox 3.6.9/RHEL 5
You’re the best, resolved my issue with Proxy authentication for 500 users.
Cheers
Wiss
Excellent!! Did you know that you can install Firefox in wine and if you are logged in a Windows domain using Samba you can use NTLM in Firefox in LINUX??
Regards,
Carlos
Thanks a lot! Awesome! But.. does it support wildcards?
@Alexander it seems wildcards dont work, I just tried it with no luck
Nice, I’ve been looking for way to stop those annoying pop ups. Great job!
Do I use cscript.exe to run the script in a Windows environment?
@Ronnie: it has been so long since I wrote this or even used the script. But if memory serves me then I believe it is wscript
Matt, this is wonderful!
Would this work for FireFox 4? I tried running the VBS script but the config values remain the same. Thanks!
I am having a problem with Just using the Front Part of a Server Name, as this is on an Internal Network – No Domain is presented.
http://MyServer, in the Field i use just “MyDomain.com,MyServer” and still prompts for my Credentials any Help Greatly Appreciated.
Awesome script thank you very much. Any chance on creating one that can modify the home page or point me in the direction of one, been unable to find one so far.