Community
cancel
Showing results for 
Search instead for 
Did you mean: 
GRile
New Contributor I
1,362 Views

Trouble logging into via web UI

Jump to solution

Yesterday I provisioned my first AMT machine via SCCM Task Sequence & RCS. It truly was a beautiful moment after days / weeks of pain. I can connect via Commander using my AD creds (Kerberos & TLS) just fine but no matter what I try I cannot login via Web UI. I have tried IE, Chrome and Firefox. All display slightly different results. If I use IE I receive the username / password prompt but no matter what I enter I cannot login. I do not receive the username / password prompt in Chrome or Firefox.

I'm thinking it might have something to do with the client certificate. I followed section 9.2.5 of the SCS guide when defining the certificate template. Any ideas? Many thanks in advance.

0 Kudos
1 Solution
MichaelA_Intel
Moderator
92 Views

grahamriley

Hey there Graham,

Nice detail on the post. This is an issue we are aware of and has to do with some registry settings for IE (which would affect, Chrome, firefox,etc.)

Please follow this link:

https://support.microsoft.com/en-us/help/908209/internet-explorer-6-cannot-use-the-kerberos-authenti... https://support.microsoft.com/en-us/help/908209/internet-explorer-6-cannot-use-the-kerberos-authenti...

I'd make the modifications for both the x32 and x64 this is really meant for the version of the browser you are running vs your OS. The patch, however should already be applied to newer versions just need to make the registry modifications. Also, will need to restart your browser.

Let me know if this fixes the issue.

Michael

View solution in original post

3 Replies
MichaelA_Intel
Moderator
93 Views

grahamriley

Hey there Graham,

Nice detail on the post. This is an issue we are aware of and has to do with some registry settings for IE (which would affect, Chrome, firefox,etc.)

Please follow this link:

https://support.microsoft.com/en-us/help/908209/internet-explorer-6-cannot-use-the-kerberos-authenti... https://support.microsoft.com/en-us/help/908209/internet-explorer-6-cannot-use-the-kerberos-authenti...

I'd make the modifications for both the x32 and x64 this is really meant for the version of the browser you are running vs your OS. The patch, however should already be applied to newer versions just need to make the registry modifications. Also, will need to restart your browser.

Let me know if this fixes the issue.

Michael

View solution in original post

Dariusz_W_Intel
Employee
92 Views

Graham,

As Michael responded you need to enable Web Browser to use Kerberos authentication over non standard port (Intel AMT ports).

You need to do it for any version of MS Explorer anyway - see more details at Intel AMT SDK's implementation and reference guide -online version:

 

https://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide/default.htm?tu... https://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide/default.htm?tu...

(BTW - check this site home - it provides very useful explanation of AMT technology).

 

So you need to add two registry entries -you can use following commands, make sure you have enabled "Enable Integrated Windows Authentication" (in Internet Options > Advanced) restart Web Browser and enjoy your Kerberos access.

rgds

Dariusz Wittek

Intel EMEA Biz Client Technical Sales Specialist

GRile
New Contributor I
92 Views

Thanks chaps,

Following your replies I found some other threads related to this - it seems quite a common problem. Anyway I found this thread where Dariusz has provided the Reg add commands. I entered these and confirmed that I have integrated auth enabled within IE advanced settings. I can now log on to Web UI using IE. However I still have the same error message in Chrome & Firefox. It is not the end of the world as we can use IE but I just wondered why this might be?

Many thanks for your continued help. Happy to say we are now mostly up and running with AMT.

Regards,

Graham

Reply