To be clear, NTLM/negotiate works, I can see in event viewer, a successful login audit record, BUT the second hop from IIS -> Sql server fails. Which means that the delegation pieces are not working. I've validated it in chrome, via the registry settings, (below) and it picks them up and allows the delegation, what I was trying to figure out is if possibly cef needs a different registry location since as you can see Chrome and Chromium have different locations for the setting.
- Code: Select all
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Chromium]
"AuthNegotiateDelegateWhitelist"="*"
"AuthServerWhitelist"="*"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Google]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Google\Chrome]
"AuthNegotiateDelegateWhitelist"="*"
"AuthServerWhitelist"="*"
Any help would be greatly appreciated.