I work in a big corporate environment on a windows machine.
When I access corporate websites from outside the corporate network, I need to login.
When I access corporate websites from any browser, but Firefox, from inside the corporate network, I get automatically logged in.
When I access corporate websites from from Firefox, from inside the corporate network, I need to login, as if I'm not in the network.
Initially I thought the login (in the network, from IE/Edge/Chrome) is done via certificates set up via AD group policy in windows' certificate store, so I looked up if I can make Firefox recognize those. Since some version ago, Firefox does trust certificates in Windows' store, but only if security.enterprise_roots.enabled is set to true in the about:config page. So that's what I did, but it made no difference.
Based on @Seth's suggestion that the authentication might be done via NTLM SSO, I followed the instructions on How to configure Firefox for NTLM SSO (Single-Sign-On)?
But that didn't solve it. Moreover, I don't think the authentication is going via NTLM because I don't get a prompt when I need to authenticate (firefox or out of network), but a regular website with the company's logo, etc.
Is there anything else I should look into? Are there any tools with which I can debug what's going on and how does the authentication happen?
There's a very good chance that people at ServerFault have way more knowledge about this, since people asking and answering questions there are the people who set things up so that it's harder for me to use firefox. Maybe even Security stack exchange might yield more answers. But I'm not sure whether a superuser stack exchange is the place where you ask superusers things, or where superusers ask things, so for now I am just assuming the latter, but if a moderator thinks that it's ok for a superuser to ask a sysadmin in the ServerFault about this, I would be happy for this question to be moved there, and this paragraph to be edited out.
