• Insights

Internet Explorer Security Zone Settings for Pass-Thru Authentication to SharePoint

Kraft Kennedy

< 1 min read

All Insights

We often come across instances where firms are using NTLM Authentication (Windows integrated authentication) for SharePoint, and expect that Internet Explorer will automatically pass through the authentication from machines within the company, however they still get prompted for credentials.  This issue exists with any IIS website, not just SharePoint, but seems to come up more frequently with SharePoint sites.

The solution revolves around checking the security zones in Internet Explorer, and ensuring that the SharePoint site is included in a zone that will pass through the authentication.  Adding the site to “Trusted Sites” is often the first thought, however that does not work by itself, because “Trusted Sites” only pass the username, not the password, by default in Internet Explorer 7+.  The better choice is to put the SharePoint site in the “Local Intranet” zone, as that’s the only zone which passes both the username and password by default.  If “Trusted Sites” is used, an additional step is necessary beacuse you have to change the custom settings, find user authentication, and check the box to do an “automatic logon with current username and password.”

In order to add your SharePoint site into the “Local Intranet” zone, click Tools –> Internet Options in Internet Explorer.  Then click Security –> Local Intranet –> Sites.  Click “Advanced,” enter the URL of the SharePoint site, and click “Add.”  You’ll notice that the zone name listed in the lower-right corner of the browser changes from “Internet” to “Local Intranet,” and you won’t be prompted for credentials anymore.  Note that this type of pass through authentication is only supported by Internet Explorer, and requires that the computer be inside the corporate network.