To set up the Yahoo Messenger tool to use only Integrated authentication on your ISA Server computer, configure Microsoft Internet Explorer on the same computer that you use to run Yahoo Messenger so that the "Use HTTP 1.1 through proxy connections" feature is enabled:
- In Internet Explorer, click Internet Options on the Tools menu.
- Click the Advanced tab, click to select the Use HTTP 1.1 through proxy connections check box, and then click OK.
Yahoo Messenger does not send a keep-alive HTTP header, and the request is HTTP 1.0. Because of this, ISA Server replies without a keep-alive header to the NTLM handshake. Because there no keep-alive occurs, the Yahoo Messenger tool starts a new TCP connection and continues the NTLM handshake. This does not work because the NTLM handshake must take place over the same TCP connection.
If you use Internet Explorer instead of Yahoo in a similar way (configured as HTTP 1.0), Internet Explorer sends a keep-alive header in its initial NTLM request. This causes keep-alives to be used all the way, and the NTLM handshake takes place on the same TCP connection. Because of this, an Internet Explorer HTTP 1.0 client works, but Yahoo Messenger does not.
After you enable the "Use HTTP 1.1 through proxy connections" feature, Yahoo Messenger will pick up this setting, and act like an HTTP 1.1 client instead when it talks to ISA Server. Because keep-alives are the default in HTTP 1.1, Yahoo Messenger and ISA Server will do the whole NTLM handshake on the same TCP connection.
The third-party products that are discussed in this article are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.