Summary: EasySSO has been installed and it's working great with IE and Edge.  However, it's having some issues with Chrome.


Symptom: No SSO at all in Chrome, but SSO works correctly in IE and EDGE:

Check which zone Internet Explorer lists the site in Internet Options/Security. It may be in the Trusted Zone

IE and Edge will happily perform NTLM authentication to Trusted Sites, but Chrome won't – the site has to be in Intranet Zone.

Symptom: No SSO at all in Chrome, but in IE you get domain credentials popup, entering credentials into popup does log in

Check which zone Internet Explorer lists the site in Internet Options/Security? It may not be in either Trusted or Intranet Zone.

For EasySSO to work correctly across browsers, your Atlassian site should be in the Intranet Zone.

Symptom: No SSO at all in Chrome, works correctly in IE and Edge, and Atlassian site already in Intranet Zone:

There are some Registry settings that can affect whether Chrome allows NTLM. The AuthSchemes registry entry controls which authentication types Chrome will attempt. The Windows registry item
Software\Policies\Google\Chrome\AuthSchemes controls this setting.

For NTLM to work, the "ntlm" value must be in this list. For Kerberos to work, the "negotiate" value must be in this list.

Symptom: Each time when Chrome close and open, SSO won't work until cookies are deleted.

Recommendation: check if Google Chrome Session Saver Extension is being used and disable it.

EasySSO articles