Firefox does not automatically log in when using Active Directory

Overview

Using Active Directory (AD) Authentication on your site allows your visitors to use your organization's AD credentials to log into your DNN site. However, not all browsers work with AD without modification. Firefox needs certain settings changed before it will allow your users to automatically log in.

If your users can automatically login with other browsers (Chrome, IE, Edge, etc.) but not Firefox, they may need to change some settings in Firefox to get automatic authentication working. You can walk them through the following steps to solve the problem.

If you're running into a 401 error when testing AD integration, see the testing note at the bottom of this article.

 

Solution

  1. Open Firefox and type the following into the address bar:
    about:config
  2. A warning will pop up, which they can proceed through.ProceedWithCaution.png
  3. Type "negotiate" into the search bar at the top of the next page. The page will display a set of keys and their values.
  4.  The value of the following keys should be changed to be your AD domain:
       network.negotiate-auth.delegation-uris
       network.negotiate-auth.trusted-uris

    NegotiateScreen.png
  5. Be sure to click the blue checkmark next to each value after entering it.
  6. Completely close Firefox and restart it.

 

Testing

NOTE: If you're browsing the site from the server on which the site is hosted and attempting to use automatic login, you might run into problems with a security loopback check that Microsoft has in place. You will get either a 401 error or be repeatedly asked to sign in. To prevent this, always test automatic login from a system other than the host server.

After applying this fix, clients should be automatically logged into the site using their Windows credentials when browsing with Firefox.

Comments

0 comments

Please sign in to leave a comment.