Q

Users can no longer reach any Microsoft login site. Any ideas?

When users can no longer access certain websites, a proxy is most likely the cause. In this identlty and access management expert response, learn best practices for managing such proxies.

We've had a number of users complain that they can no longer reach their Hotmail site from work or any other login site belonging to Microsoft. This has been happening for about a week. The symptom is to get to the login page, enter the credentials and wait, wait ... no errors, no BSOD, no 404, nothing. It is somewhat strange because the users can take the same laptop that failed access from the office net and successfully log in from home or elsewhere outside the office. Any ideas?
The company is probably using some sort of proxy in the office that blocks access to certain websites. Once someone leaves the office with his or her laptop, he or she is connecting directly to the Internet without a proxy, and is home free.

Proxies like those offered by vendors Blue Coat Systems Inc. and Websense Inc. are used by companies to restrict access to the Web by both preventing employees from going to inappropriate sites and blocking them from inadvertently downloading malware. These products frequently are configured to block access to personal webmail like Hotmail, Yahoo and Google, which are often a source of malware. Companies also block personal email to...

prevent data leakage from employees that might try, either maliciously or inadvertently, to send out sensitive customer information or proprietary information.

Proxies usually come with a set of default configurations for blocking things like pornography or gambling, but can also be manually configured to include sites a company might deem as time wasters, such as shopping and social networking sites.

Usually, companies have written policies detailing what is appropriate Web usage; such a policy should be clearly communicated to employees with an explanation that all Web traffic is monitored by proxies.

What's odd is that login sites from Microsoft seem to be affected. But there is a pattern here. Since Hotmail is offered by MSN, a Microsoft product, it can be accessed with a Passport or Windows Live ID account, both also offered by Microsoft.

It's possible that the proxy configurations are blocking Passport, Live ID or other Microsoft single-sign on (SSO) IDs, which would block not only Hotmail but also any other Microsoft login. In an effort to block access to personal email, logins to Microsoft sites may have inadvertently been blocked, too.

First, check if the company is using a proxy product for restricting Web and webmail access, then check the settings to make sure Windows SSO products aren't being blocked as well.

More information:

This was first published in June 2008

Dig deeper on Web Authentication and Access Control

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close