An IIS7 Intranet site with Windows Authentication enabled. When hit from Chrome on windows the pass-through authentication works fine (no User / Password prompt), however, Chrome on a Mac you get a prompt. Since the internal network uses CAC/PKI no one has a password.

I’ve tried toggling the Windows Authentication on the site to negotiate, but same user/pass prompt.

appcmd set config /section:windowsAuthentication /-providers.[value='Negotiate']

Anyone know a solution for Chrome on OS X?

EDIT

OS X 10.6.8

Centrify for Mac will be used to authenticate to the (Windows 2008 R2 ActiveDirectory) network via CAC.

EDIT 2

There is a proxy setup, but it gets bypassed for local intranet sites, so I don’t think it is playing a role.

Also tried using the –auth-server-whitelist command line switch, didn’t work.

EDIT 3

SOLUTION

open 'Google Chrome.app' --args --auth-server-whitelist="*DOMAIN.TLD" --auth-negotiate-delegate-whitelist="*DOMAIN.TLD" --auth-schemes="digest,ntlm,negotiate"

Unfortunately Google Chrome for Mac has no way of specifying command line arguments on every load, so some sort of shell script will need to be made.

Running the following shell script at log in was the final solution to get around Chrome updates and extra doc icons.

#!/bin/bash
cd /Applications/Google\ Chrome.app/Contents/MacOS/
if [ -f 'Google Chrome.bin' ];
then
   echo "Already Modified"
else
   sudo chmod u+wr ./
   sudo mv 'Google Chrome' 'Google Chrome.bin'
   sudo echo "#!/bin/bash" > "Google Chrome"
   sudo echo 'exec /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome.bin --args --auth-server-whitelist="*DOMAIN.TLD" --auth-negotiate-delegate-whitelist="*DOMAIN.TLD" --auth-schemes="digest,ntlm,negotiate"' >> "Google Chrome"
   sudo chmod a+x 'Google Chrome'
   echo "NTLM Will now work in chrome"
fi