User repeatedly prompted for authentication


This article applies to:

  • WebMarshal
  • Windows Vista and later Windows client systems
  • Windows Authentication

Symptoms:

  • When using Windows clients to browse the Internet, users are prompted to re-enter authentication details. This could occur on numerous occasions in the same browsing session.
  • WebMarshal log files report the following error:
    PolicyCache_LookupUser failed: The user name 'MACHINE_NAME$' is not known to WebMarshal (where MACHINE_NAME is the workstation of the user experiencing this issue).
  • Windows incorrectly reports "no network access"

Explanation:

Current Windows versions have a "Network Connectivity Status Indicator" which checks for internet connectivity. This is the function that displays the globe icon and other network status icons in the system tray of the Taskbar. 

The checking process attempts to access a test site using the computer account (not the credentials of the logged on user). When proxy authentication is required, for instance by WebMarshal, the user is prompted for credentials.

For Windows Vista through 8.1, the test site is http://www.msftncsi.com/ 

For Windows 10 and above, the test site is http://www.msftconnecttest.com/

Resolutions:

Option 1

To allow the network probing functionality without prompting the user, add the websites mentioned into the WebMarshal proxy bypass list.

Option 2

To disable the network probing functionality, you can set a Registry key on each workstation affected.

  1. On each workstation, run Regedit (administrative permission is required).
  2. Navigate to the following key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters\Internet\
  3. Locate the value: EnableActiveProbing
  4. To disable the network probing function, set the value to 0

As always, take due care when editing the Registry.

 

Notes:


Last Modified 1/12/2020.
https://support.trustwave.com/kb/KnowledgebaseArticle14008.aspx