44

I have a site I go to that allows me to auto log in with my creditentials (windows) and using Internet Explorer I can just set the option under "User Authentication" to "Automatic logon with current user name and password", but I'm wanting to use Google Chrome. However, it always prompts me for user/pass and I'm looking to have it set up like IE. Anyone know if this is possible? Thanks!

bbodenmiller
  • 2,782
  • 5
  • 29
  • 48
daveomcd
  • 5,655
  • 12
  • 72
  • 125

4 Answers4

37

If you add your site to "Local Intranet" in

Chrome > Options > Under the Hood > Change Proxy Settings > Security (tab) > Local Intranet/Sites > Advanced.

Add you site URL here and it will work.

Update for New Version of Chrome

Chrome > Settings > Advanced > System > Open Proxy Settings > Security (tab) > Local Intranet > Sites (button) > Advanced.

David
  • 105
  • 4
daveomcd
  • 5,655
  • 12
  • 72
  • 125
  • 5
    In order to get this to work, after I added the site to the Local intranet zone, I had to visit the site in Internet Explorer, and save my credentials there. Then Chrome worked as described in this answer. – NightShovel Aug 21 '13 at 23:20
  • Works for me as well :) – tkestowicz Apr 08 '14 at 07:05
  • "Change Proxy Settings" actually opens IE's network dialog box. Chrome uses the same settings as IE. – Panagiotis Kanavos May 27 '16 at 09:47
  • @Aamir, this answer was 6 years ago. Some things have changed since then. Look at the answer below or look for "Settings". I've also updated my answer to reflect the new location. – daveomcd Sep 12 '17 at 18:05
  • This worked, however, I had to "ignore" the prompt that the site already existed in the Trusted Sites setting - likely that setting is getting propagated by Group Policy, but Trusted Sites doesn't seem to affect Chrome – Coruscate5 Oct 02 '17 at 18:21
  • THIS IS IT!. The answer that worked for me. Wasted days looking for an answer for this issue. Thank you!!! – Liby George Jan 29 '18 at 23:05
29

Chrome did change their menus since this question was asked. This solution was tested with Chrome 47.0.2526.73 to 72.0.3626.109.

If you are using Chrome right now, you can check your version with : chrome://version

  1. Goto: chrome://settings

  1. Scroll down to the bottom of the page and click on "Advanced" to show more settings.

OLDER VERSIONS:

Scroll down to the bottom of the page and click on "Show advanced settings..." to show more settings.

  1. In the "System" section, click on "Open proxy settings".

OLDER VERSIONS:

In the "Network" section, click on "Change proxy settings...".

  1. Click on the "Security" tab, then select "Local intranet" icon and click on "Sites" button.

  1. Click on "Advanced" button.

  1. Insert your intranet local address and click on the "Add" button.

  1. Close all windows.

That's it.

Maxime
  • 7,283
  • 4
  • 48
  • 49
18

While moopasta's answer works, it doesn't appear to allow wildcards and there is another (potentially better) option. The Chromium project has some HTTP authentication documentation that is useful but incomplete.

Specifically the option that I found best is to whitelist sites that you would like to allow Chrome to pass authentication information to, you can do this by:

  • Launching Chrome with the auth-server-whitelist command line switch. e.g. --auth-server-whitelist="*example.com,*foobar.com,*baz". Downfall to this approach is that opening links from other programs will launch Chrome without the command line switch.
  • Installing, enabling, and configuring the AuthServerAllowlist/"Authentication server allowlist" Group Policy or Local Group Policy. This seems like the most stable option but takes more work to setup. You can set this up locally, no need to have this remotely deployed.

Those looking to set this up for an enterprise can likely follow the directions for using Group Policy or the Admin console to configure the AuthServerAllowlist policy. Those looking to set this up for one machine only can also follow the Group Policy instructions:

  1. Download and unzip the latest Chrome policy templates
  2. Start > Run > gpedit.msc
  3. Navigate to Local Computer Policy > Computer Configuration > Administrative Templates
  4. Right-click Administrative Templates, and select Add/Remove Templates
  5. Add the windows\adm\en-US\chrome.adm template via the dialog
  6. In Computer Configuration > Administrative Templates > Classic Administrative Templates > Google > Google Chrome > Policies for HTTP Authentication enable and configure Authentication server whitelist
  7. Restart Chrome and navigate to chrome://policy to view active policies
bbodenmiller
  • 2,782
  • 5
  • 29
  • 48
  • 2
    [This article](http://blogs.specopssoft.com/2014/06/configuring-chrome-and-firefox-for.html) describes how to add values to your registry if you don't want to use GP or command switches. Basically under `HKLM\Software\Policies\Google\Chrome\AuthServerWhitelist` add `AuthServerWhitelist(string):"*example.com,*foobar.com,*baz"`. Annoyingly in my case, my infrastructure guys had added this using GP with 1 single server which caused _every other_ intranet site to prompt me. Deleting this key fixed the issue – Rhumborl Jan 12 '15 at 10:04
  • +1 since inetcpl.cpl Security settings could be unavailable/managed by domain administrator in a AD environment. (the problem that I had - and your answer saved my day.) Thank you, – Rikki May 08 '17 at 05:39
  • @Rhumborl - Excellent solution. – MaYaN May 08 '19 at 14:07
3

In addition to setting the registry entry for AuthServerWhitelist you should also set AuthSchemes: "ntlm,negotiate" (or just "ntlm" as appropriate for your situation). Using the above templates the policy for that will be "Supported authentication schemes"

Shahar Tamari
  • 31
  • 1