KNOWN ISSUE: User needs to logon a few times to properly load certain SMP 7.1 Console items.

Article:TECH156006  |  Created: 2011-03-18  |  Updated: 2013-03-19  |  Article URL http://www.symantec.com/docs/TECH156006
NOTE: If you are experiencing this particular known issue, we recommend that you Subscribe to receive email notification each time this article is updated. Subscribers will be the first to learn about any releases, status changes, workarounds or decisions made.
Article Type
Technical Solution


Issue



Normally if a user logon to the Symantec Management Platform 7.1 (SMP or NS) server, he should be able to browse all the pages without being required to logon again unless the logon state expired. It is observed that in SMP 7.1, it appears the user needs to logon a few times to properly load certain SMP Console items, especially when selecting the 'Settings > All Settings' console item, you have to logon about 6 to 8 times to allow the whole left navigation tree properly loaded. This issue is experienced 100% if the NS is a newly installed and the logon is the first logon to this NS server.

Steps to reproduce:
- Create a new SMP account, assign it as a member of the Symantec administrators
- Logon your SMP using a new created user (you can reset your IIS/NS service to make the issue more reproducible, however the behavior was not caused by restarting the IIS/NS service)
- Navigate to the 'Settings >All settings' page

Expected result:
In the left navigation pane, the 'Settings' navigation tree should be loaded properly without requesting re-logon

 

 


Error



User had to logon another 6 to 8 times to allow the full tree completely loaded.
 


Environment



Symantec Management Platform 7.1 MP1 (7.1.6797), 7.1 SP1, 7.1 SP2, 7.1 SP2 MP1


Cause



This issue has been noticed randomly and there is not a 100% duplication rate.


Solution



Many of the reasons that were causing to prompt for Credentials were addressed with the SMP 7.1 SP2 Release. However, there were other use cases where Dev couldn't duplicate what the customers reported.

The following steps are provided as suggestion if the issue is still present:

1) Please review and try the suggestions on Microsoft KB2749007 "An unexpected 401.1 status is returned when using Pre-Authentication Headers with Internet Explorer and Internet Information Services"
2) Within IE, add the SMP URL as a "Intranet site".
3) Open IIS Manager, select "/Default Web Site/Altiris/Console". On the right pane, double-click on "Authentication". After that, right-click on "Windows Authentication" and select "Providers...". By default, the Enabled Providers have the order of "Negotiate" and then "NTLM". We need to swap these so that "NTLM" is at the top of the list.
4) Check the "Enable Integrated Windows Authentication" checkbox in IE (under Tools_>Internet Options->Advanced->Security). 


Supplemental Materials

SourceETrack
Value2323160, 2814022

SourceETrack
Value2264630, 2141478, 2205624


Article URL http://www.symantec.com/docs/TECH156006


Terms of use for this information are found in Legal Notices