While the iTunes client does support NTLM authentication, it does not accept cookies. If you are doing cookie-based transparent authentication you will need to use one of the following workarounds:
Switch to IP based authentication. This is less secure than using cookies. You can change this configuration option by navigating in the Management Console to: Configuration > Authentication > Transparent Proxy. Switch the method from "Cookie" to "IP".
Configure policy to override authentication for the iTunes user-agent. Here is how to implement this change to your policy:
Go into the Management Console > Configuration tab > Policy > Visual Policy Manager > Launch
Select your currently configured Web Authentication Layer.
Create a new rule by selecting "Add Rule".
Right click in the Source Column and select "Set".
Select New > Request Header (do not select "User-Agent" - this is a predefined list in which iTunes does not exist)
In the Name field enter "iTunes User Agent".
In the Header Name field enter "User-Agent".
In the Header Regex field enter "iTunes.*". (NOTE: That is iTunes[dot][asterisk] )
Press OK twice.
Right click the Action column and select Set.
Select "Do Not Authenticate" from the list and click OK
Use the "Move Up" buttons to move your new rule to the topmost position in the layer, or at least to a location above the existing authentication rule that iTunes requests are matching on.
Click Install Policy.
NOTE: Data based on testing done with iTunes 184.108.40.206.
Imported Document ID: 000012826
Subscribing will provide email updates when this Article is updated. Login is required.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
Subscribed to the Article.
Unable to subscribe
Thanks for your additional feedback !!!
Enterprise Support Virtual Agent
Rate Me :
Tell us more:
Welcome! My name is Sami, the Enterprise Support Virtual Agent answering technical support questions.