In the past I’ve blogged about changing the authentication in TMG from NTLM to Kerberos http://support.risualblogs.com/blog/2011/07/01/auto-detect-not-working-via-wpad-in-ie-via-tmg/
But what if you want to revert this change and go back NTLM , there’s very little on the web telling you how to do this , but there’s a quick way to switch this all back.
Please see below:
To change to Kerberos the script was:
Const fpcCarpNameSystem_DNS = 0
Const fpcCarpNameSystem_WINS = 1
Const fpcCarpNameSystem_IP = 2
Dim oISA: Set oISA = CreateObject( “FPC.Root” )
Dim oArray: Set oArray = oISA.GetContainingArray
Dim oWebProxy: Set oWebProxy = oArray.ArrayPolicy.WebProxy
If fpcCarpNameSystem_DNS = oWebProxy.CarpNameSystem Then
WScript.Echo “ISA is already configured to provide DNS names in the WPAD script”
WScript.Quit
End If
oWebProxy.CarpNameSystem = fpcCarpNameSystem_DNS
oWebProxy.Save true
WScript.Echo “ISA was configured to provide DNS names in the WPAD script…”
To change back to NTLM, simply change the following line in the vbs.
oWebProxy.CarpNameSystem = fpcCarpNameSystem_DNS to oWebProxy.CarpNameSystem = fpcCarpNameSystem_IP
So the script should now look like
Const fpcCarpNameSystem_DNS = 0
Const fpcCarpNameSystem_WINS = 1
Const fpcCarpNameSystem_IP = 2
Dim oISA: Set oISA = CreateObject( “FPC.Root” )
Dim oArray: Set oArray = oISA.GetContainingArray
Dim oWebProxy: Set oWebProxy = oArray.ArrayPolicy.WebProxy
If fpcCarpNameSystem_DNS = oWebProxy.CarpNameSystem Then
WScript.Echo “ISA is already configured to provide DNS names in the WPAD script”
WScript.Quit
End If
oWebProxy.CarpNameSystem = fpcCarpNameSystem_IP
oWebProxy.Save true
WScript.Echo “ISA was configured to provide DNS names in the WPAD script…”
As soon as you’ve ran the above, your WPAD will be back to giving the IP of TMG servers and therefore back to NTLM authentication!
