Configuring Internet Explorer for Automatic Logon

Topic Last Modified: 2009-02-27

If you have implemented Integrated Windows authentication, internal users (that is, users located behind your organization’s firewall) can log on to Communicator Web Access without having to provide a user name and password. In this case, Communicator Web Access authenticates the user by using the credentials supplied when the user first logged on to his or her computer.

For this type of authentication to take place, the following two things must be true: the user must be running a browser that supports Kerberos and/or NTLM authentication; and, that browser must be configured to allow for automatic logon to a Communicator Web Access site. You can configure Internet Explorer for automatic logon by completing the following procedure on each client computer.

You can configure these settings by using Group Policy too. By using Group Policy, you can configure client computers without having to log on to each computer.

To configure Internet Explorer for automatic logon

  1. Open the Internet Options dialog box by choosing Internet Options either from Control Panel or from the Tools menu in Internet Explorer.

  2. In the Internet Options dialog box, on the Security tab, select Local intranet, and then click Custom Level.

  3. In the Security Settings dialog box, under Logon, select Automatic logon only in Intranet zone, and then click OK.

  4. In the Internet Options dialog box on the Security Settings tab with Local intranet still selected, click Sites.

  5. In the Local intranet dialog box, click Advanced.

  6. In the next dialog box (also titled Local intranet), type the URL of your Communicator Web Access site (for example, https://cwaserver.contoso.com) in the Add this Web site to the zone box, and then click Add.

  7. In the Local intranet dialog, box click OK.

  8. In the original Local intranet dialog box, click OK.

  9. In the Internet Options dialog box, click OK.

To configure Internet Explorer for automatic logon by using Group Policy

  1. Open the Group Policy Management Console, and then either create a new Group Policy Object (GPO) or edit an existing GPO.

  2. Expand Computer Configuration, expand Policies, expand Administrative Templates, expand Windows Components, expand Internet Explorer, expand Internet Control Panel, and then click Security Page.

  3. In the details pane, double-click Site to Zone Assignment List.

  4. In the Site to Zone Assignment List Properties dialog box, click Enabled.

  5. In the Site to Zone Assignment List Properties dialog box, click Show.

  6. In the Show Contents dialog box, click Add.

  7. In the Add Item dialog box, type the URL of your Communicator Web Access site (for example, https://cwaserver.contoso.com) in the Enter the name of the item to be added box.

  8. Type 1 (indicating the local intranet zone) in the Enter the value of the item to be added box, and then click OK.

  9. In the Show Contents dialog box, click OK.

  10. In the Site to Zone Assignment List dialog box, click OK.

  11. In the Group Policy Management Editor, click Intranet Zone.

  12. In the details pane, double-click Logon options.

  13. In the Logon options Properties dialog box, click Enabled.

  14. In the Logon options list, click Automatic logon only in Intranet zone, and then click OK.

  15. Close the Group Policy Management Editor.