There doesn't seem to be any UI within Chrome to enable integrated authentication on certain domains, so I created a recommended policy that set the AuthServerAllowlist
setting appropriately. This worked, but with a side effect: DNS-over-HTTPS is now disabled and the settings for it are locked out with the message "This setting is disabled on managed browsers." Is there any way around this, such that I can use integrated authentication and still have the DoH toggle available at the same time?
Add a comment
|
1 Answer
Current versions of Chrome on Windows seem to honor the Internet Explorer zone configuration (inetcpl.cpl). Add your site to the "Intranet" zone and Chrome will use Kerberos with it without any Chrome-specific policies.