Logins requiring Microsoft Authentication being blocked - unable to login

[Cookie Monster 0]

We have had a long standing issue with ESET and being able to login to sites or apps that use MS authentication.  We have an internal application and our login to Office 365 fail to login.  You try to sign in, enter the username and password, go to our federated server for the authentication and then get turned right back out to the network login.  A few turns at doing that, and sooner or later we start locking accounts.

We ultimate figured out the issue was an issue between Windows 10 v. 1803 and ESET.  Works fine up until we install ESET and then, once it's installed, we can't login any longer.  I can't speak to the 1809 build but it definitely happens with 1803.  We figured out a work-around until a patch comes along - we have to go into web access protection and disable http protocol checking and https checking.  With those disable, everything works fine.

Any ideas why this is an issue or is there a patch in the works to address?  I don't like having to do the work around obviously, but as we roll out more windows 10 machines and move more to office 365, it becomes a bigger issue.

 

 

[Peter Randziak 1,130]

Hello @Cookie Monster,

the most straightforward solution should be to exclude the communication with the domain by the exclusion by the certificate.

Regards, Peter

[itman 1,659]

On ‎4‎/‎22‎/‎2019 at 8:07 PM, Cookie Monster said:

We have an internal application and our login to Office 365 fail to login. 

If I am interpreting this right, you're trying to login to Office 365 through this internal application? If this is the case and alternatively, you can just exclude this internal app from Protocol filtering. This is much safer than totally disabling SSL protocol filtering. See the below screen shot:

[Cookie Monster 0]

Thanks for the response - my apologies that I was not more clear.  By 'internal application' I meant that it's a web-based  application - not something that is installed on the desktop.  

I did go ahead and try the url, but that didn't work either.  I also tried excluding the ip address of the page and tried to do what Peter suggested as best as I could understand it - by adding the site to the list of addresses to be excluded.  That did not work either.

Looking at a bit more, I realized it's not the site per se, but the Microsoft authentication is uses to log users in that is getting hung up.  I can also duplicate the behavior by trying to login to Office365 - click on login, enter credentials, the system tries to validate against our local federated server and then kicks the login back out as if it never happened.

That makes me think it's something in the validation process with our federated server that is causing the issue.  But when I add the federated server url to the URL Address Manager, I still get the same behavior.

[itman 1,659]

23 minutes ago, Cookie Monster said:

I can also duplicate the behavior by trying to login to Office365 - click on login, enter credentials, the system tries to validate against our local federated server and then kicks the login back out as if it never happened.

Have you checked the server logs as to why the validation is failing?

[Peter Randziak 1,130]

Hello @Cookie Monster,

I'm sorry for the delay.

I meant excluding the connections by Certificate and set Scan action to ignore.

You need to navigate to ESET Advanced setup -> Web and email -> click on the Edit button next to the  List of known certificates -> Add -> set the scan action to Ignore -> select URL next to Import certificate from URL can enter the URL of your company auth. URL. See the details on the attached screenshot. Please let us know if it helps.

 

Regards, Peter