To configure a Virtual Service to use NTLM authentication, follow the steps below.

Note: These steps assume that the Virtual Service has already been set up and configured as needed (apart from the ESP settings). For further information on Virtual Services in general, refer to the Virtual Services and Templates, Feature Description. For further information on the different fields in the LoadMaster WUI, please refer to the Web User Interface (WUI), Configuration Guide.
  1. In the main menu of the LoadMaster WUI, go to Virtual Services > View/Modify Services.
  2. Expand the ESP Options section.

  3. Expand the ESP Options section.

  4. Select the Enable ESP check box to turn ESP on.
  5. Select NTLM or NTLM Proxy as the Client Authentication Mode.
  6. Select the client-side SSO domain that was created in the Configure the Client Side SSO Domain section in the SSO Domain drop-down list.
  7. You can optionally assign Alternative SSO Domains if needed.
  8. Set any Allowed Virtual Hosts and Allowed Virtual Directories, as needed.
  9. Select the Server Authentication Mode.
    Note: You must set the Server Authentication Mode to KCD and ensure there is an Server Side SSO Domain selected to use the following fields: - Pre-Authorization Excluded Directories - Permitted Groups - Permitted Group SID(s) - Include Nested Groups - Steering Groups
    Note: You must ensure that NTLM is available as part of Integrated Windows Authentication (IWA) and that this is enabled on the Real Server for server-side authentication to work in both KCD and NTLM-Proxy Server Side authentication modes.
  10. Select the server-side SSO domain that was created in the Configure the Server Side SSO Domain section in the Server Side configuration drop-down list.
  11. Configure any of the other ESP settings as needed.
Note: For further information on the ESP WUI options and ESP in general, please refer to the Edge Security Pack (ESP), Feature Description.