Symptom
When launching Visitor Management Front Desk (or Kiosk) via ClickOnce, you may encounter the following error.
"The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'"
To resolve the issue, follow one of the three resolution paths below.
Resolution Path 1:
If the application server is on a different domain than the client computer, consult the Visitor Management Front Desk User Guide, Chapter 3, "Workaround for Security Policies" for information on how to work around this scenario.
Resolution Path 2:
1) In Internet Explorer, from the Tools menu, select Internet Options.
2) On the Internet Options > Security tab, select Local intranet.
3) Click [Sites]. The Local intranet window appears.
4) Click [Advanced].
5) Add the application server to the list of sites, then click [Close].
6) Click [OK], then [OK] again to save the change.
Resolution Path 3:
Ensure the user account logged into Windows is a domain user account.
"The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'"
Resolution
This error occurs because only one security policy is typically supported by the Windows Communication Foundation (WCF) service for Visitor Management, regardless of the IIS setting to support both anonymous and Windows Authentication.To resolve the issue, follow one of the three resolution paths below.
Resolution Path 1:
If the application server is on a different domain than the client computer, consult the Visitor Management Front Desk User Guide, Chapter 3, "Workaround for Security Policies" for information on how to work around this scenario.
Resolution Path 2:
1) In Internet Explorer, from the Tools menu, select Internet Options.
2) On the Internet Options > Security tab, select Local intranet.
3) Click [Sites]. The Local intranet window appears.
4) Click [Advanced].
5) Add the application server to the list of sites, then click [Close].
6) Click [OK], then [OK] again to save the change.
Resolution Path 3:
Ensure the user account logged into Windows is a domain user account.
