3

Given: 2 sharepoint systems (test and production), both https and kerberos authentication active. SQL 2016, Windows Server 2016. Single sign on works when editing existing documents on both systems in all browsers (Edge/Chrome/IE11/FFox)

However, when creating a new document directly in the library (->file ->new document), win10 asks for authentication on any machine with any user and browser (and on both sharepoint systems). After authenticating, creation works, but that step is annoying.

And on win8.1 systems, it does not ask for authentication, no matter what user or machine or browser. We have no idea why, since there are no settings especially for win10.

What could it be that win10 does differently?

MTG
  • 81
  • 1
  • 1
  • 2
  • If you click on "new document"... Will it open a new document via OfficeWebApps or does it try to open it directly in the client-application? Can you give us also the URL of the WebApplication (can be anonymized, need to know if FQDN or short-version)? – MHeld Feb 14 '17 at 15:33
  • Hi. It opens the client side application. The url is the FQDN. Today we learned that this problem is exclusive to the combination office2010@win10. O2010@win8.1 works and o2016 works on both win8.1 and win10. Everywhere. – MTG Feb 15 '17 at 16:22
  • Another thing... this was my first question here. You answered yesterday, but I get notified via e-mail just now - is that normal? – MTG Feb 15 '17 at 16:25
  • Are you using Server Name Indication (SNI) for https? – sschoof Feb 20 '17 at 08:04
  • Hi sschoof. No, we don't. – MTG Feb 20 '17 at 08:38

1 Answers1

0

I am not sure how Office2010 opens documents on Windows10. It could use the WebDAV protocol. As your URL is FQDN, it then would help to add SharePoint's URLs to the AuthForwardServerList Registry-Key on every client.

MHeld
  • 5,133
  • 5
  • 26
  • 40
  • AuthForwardServerList was tried already - no better. (of course the web client service is running at the client and after the regchange, it was restarted). We are very close to dumping O2010 because we have other problems with sharepoint only with O2010. – MTG Feb 16 '17 at 08:48
  • The same behavior (authentication only on win10) happens, when we choose to open a library in windows explorer. That could be for the same reason, I guess. But what is it? – MTG Mar 08 '17 at 15:19
  • Could you please double-check your AuthForwardServerList. It is important to add the URL exactly as written in browser including protocol and without trailing slash (e.g. https://sharepoint.mycompany.com). You must configure the key on your clients, not on the SharePoint-Server. – MHeld Mar 08 '17 at 18:03
  • We found it. It were two things to configure: At the server, modify a part of the master page to http-equiv="X-UA-Compatible" content="IE=10" (on clean installations, it is "IE=9" and on our productive machine, we had set it to IE=Edge, because with IE=9, drag and drop does not work). Second thing was the AuthForwardServerList entry. The latter alone did nothing. – MTG Mar 10 '17 at 07:58