Quicktime and authentication

Quicktime and authentication (Full Version)

All Forums >> [ISA Server 2004 Firewall] >> Access Policies

Message

hartwich -> Quicktime and authentication (23.Jun.2008 9:50:14 AM)
Hi, I have a problem giving users access through ISA2004 standard using client apps that do not support integrated authentication like Apple's Quicktime. How can I give users access to use Quicktime without using "all users" or limit them to specific websites only? [8\|] Using the firewall client makes no difference. I still get prompted. When using "all users" it works fine. But I do want to use authentication for obvious reasons. You're reaction is appreciated. Erik

pwindell -> RE: Quicktime and authentication (23.Jun.2008 11:43:47 AM)
The Firewall Client does make a difference. Configure Quicktime to not ever use a proxy. If it is set to use a proxy it will not use the Firewall Client,...and it will then fail.

hartwich -> RE: Quicktime and authentication (24.Jun.2008 2:49:07 AM)
Hi Philip, I'm using Quicktime 7.1.3. Only the advanced tab shows a setting for an RTSP-proxy which is not in use. Where do you tell Quicktime never to use a proxy? Gr. Erik

pwindell -> RE: Quicktime and authentication (24.Jun.2008 9:06:48 AM)
You'll just have to look around in the settings. I don't use QT and I don't know my way around the menus. It needs to be configured as if there is no proxy server of any kind anywhere. What out for places where it might be told to use the "browsers settings",...that's the same thing as telling it to use a proxy.

hartwich -> RE: Quicktime and authentication (24.Jun.2008 9:30:54 AM)
Of course I checked all menues and I'm aware of the "use browser settings". Still there are no settings other than what I've said earlier. Checking the logging of ISA it shows that the first attempt is HTTP to port 8080. This attempt gives the authentication failure. Immediately after that there is an "Initiated Connection" on port 1745 followed by an "Initiated Connection" on port 8080 (webproxy) and they both time out after which a prompt is displayed on the client. Thanks for your reply but I'm still stuck. Gr. Erik

pwindell -> RE: Quicktime and authentication (24.Jun.2008 9:34:21 AM)
Temporarily disable the browser's proxy settings (in the browser). Then try it. What does it do then? Try the browser too,...does the browser work off of the Firewall Client after its proxy settings were disabled?

hartwich -> RE: Quicktime and authentication (24.Jun.2008 10:21:05 AM)
That is the trick. It works. Through a domain policy all clients are configured to use automatic detection of proxy settings (WPAD). Because not all clients have a firewall client installed this goes for all clients. But now I know where the problem comes from. Thanks! [:)] Gr. Erik

pwindell -> RE: Quicktime and authentication (24.Jun.2008 11:09:15 AM)
What that means is that QT is in fact "barrowing" the browser's proxy settings. What I had you do was take away those settings so that there was nothing to "borrow". Now you just have to figure out where in the settings of QT this is happening at so you can change it. Once you get that solved then you can put the browser back the way it was. WPAD does not use Group Policy,..it uses DNS and DHCP. It doesn't matter if the machine has the Firewall Client or not,...both the browser and the Firewall Client will use WPAD. I use WPAD here and also install the Firewall Client on pretty much everything except the Domain Controllers and the Exchange Server. The Firewall Client increases security and flexibility, it doesn't decrease them.

Page: [1]