Troubleshooting for Integrated windows authentication (IWA)

If the IWA link does not open the Console page, you can use the following troubleshooting steps:

  1. Verify if you are using IWA in your local machine instead of remote machine.
  2. If you see a white screen after clicking the IWA link, verify if the user is assigned the role in your RBAC Administration Console.
  3. Note: If Console Database Connection uses Windows Authentication Mode, refer the link.
  4. Configure using the steps given below if you encounter any issue during IWA login using Firefox to open the console URL.
  5. Follow these steps:
    1. In the browser's Location field, enter about:config.
    2. Click I'll be careful, I promise! to continue to the about:config page.
    3. Set values for the following options so that the browser trusts the ProxySG appliance and negotiates authentication:
    4. network.automatic-ntlm-auth.trusted-uris, network.negotiate.auth.delegation-uris, network.negotiate-auth.trusted-uris
    5. For each option, complete the following steps:
      • Locate the option that you want to set by scrolling or entering the option name in the Filter field.
      • Double-click the option to open the Enter string value dialog.
      • Enter the virtual URL (for transparent deployments).
      • If you have more than one ProxySG appliance that will challenge for authentication credentials, separate the entries with commas. For example, if your opened URL for console is https://localhost:8015; you can enter localhost as the string value, Or https://10.57.60.9:8015, then enter 10.57.60.9 as the string value.
      • Click OK.
  6. While using Internet Explorer to open Console with IWA on the remote machine whose Windows credential is exactly same to the local machine that UDP installed, you may need to set using the following steps:
    1. Select Tools > Internet Options.
    2. Select the Security tab.
    3. Select the Local intranet zone and click Sites > Advanced.
    4. Enter the fully qualified domain name of the ProxySG appliance (for explicit deployments) or the virtual URL (for transparent deployments) in the Add this website to the zone field and then click Add > Close > OK.
    5. Select the Advanced tab and make sure the Security > Enable Integrated Windows Authentication option is selected.
    6. Click OK to save your changes and close the Internet Options dialog.