This is the "SNIP" (subnet IP) of the NetScaler VPX.
The test username and password are, respectively:
For my first attempt, the OWA virtual directory was configured with "forms-based authentication". This is how the authentication settings appear...
And in IIS Manager:
User credentials are easily visible (no need to highlight in bright yellow).
Reminder: when forms-based authentication is selected, the user will see a logon page similar to this:
Integrated Windows Authentication
In IIS Manager:
Windows Authentication is an improvement. The password is not sent in clear text. If we search the packet details, with the same settings as those above, we observe that no such string can be found:
Note: NTLM authentication and Windows Authentication are more or less synonymous - at least for this experiment.
Reminder: when (Integrated) Windows Authentication is selected, the user will either see a logon page like this...
Or... OWA will open automatically with no need to re-enter user credentials.
Some clarification: Integrated Windows Authentication should allow us to open OWA without having to enter our credentials a second time. This type of authentication uses the credentials that we used to login to the client machine itself. There are some conditions however.
- The (Windows) client machine must be a domain member.
- Under the Internet Options "Advanced" tab, the setting "Enable integrated Windows authentication" must be checked.
- The URL for the OWA website must be added to Local Intranet sites under the "Security" tab of Internet Explorer.