Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

Firefox v30 does not handle NTLM v2 properly

  • 4 uphendule
  • 5 zinale nkinga
  • 2 views
  • Igcine ukuphendulwa ngu tomb-11

tomb-11
tomb-11
more options

Following upgrade to Firefox v30, with network.negotiate-auth.allow-insecure-ntlm-v1 defaulting to 'false', users are unable to authenticate, even though NTLM v2 is being used. NTLM v1 had to be re-enabled for backward compatibility and network.negotiate-auth.allow-insecure-ntlm-v1 had to be set to 'true' for Firefox to support authentication.

Following upgrade to Firefox v30, with network.negotiate-auth.allow-insecure-ntlm-v1 defaulting to 'false', users are unable to authenticate, even though NTLM v2 is being used. NTLM v1 had to be re-enabled for backward compatibility and network.negotiate-auth.allow-insecure-ntlm-v1 had to be set to 'true' for Firefox to support authentication.

All Replies (4)

user633449
user633449
more options

NTLMv2 won't work on Firefox on non-windows machines.

tomb-11
tomb-11 Umnikazi wombuzo
more options

That should be fixed.

user633449
user633449
more options

https://developer.mozilla.org/en-US/Firefox/Releases/30/Site_Compatibility#Security and the related links should be interesting.

tomb-11
tomb-11 Umnikazi wombuzo
more options

Release notes for v30 state: "network.negotiate-auth.allow-insecure-ntlm-v1 

   Introduced in Forefox 30 on April 25th, 2014, disables use of our own internal implementation of NTLM module that talks only NTLMv1."

For Firefox to be a viable browser in corporate networks, the NTLM module needs to be updated to talk NTMLv2.