After NTLM SSO has been configured for the first time, it is necessary to restart the MailArchiva server and close down all browser sessions. Try restarting the MailArchiva server and your browser session.
Using Internet Explorer, try logging into Active Directory using the standard MailArchiva login page. To do this, enter the equivalent of http://localhost:8090/signonform.do in the Internet Explorer URL prompt. Enter exactly the same credentials as the user who is currently logged into Windows. If unable to authenticate, Active Directory authentication may not be setup correctly for the user in question. In particular, there may not be a role defined in MailArchiva for the user that is currently logged into Windows. In this case, create a role assignment in Configuration->Logins for this user.
When performing NTLM SSO authentication, it is necessary to specify a fully qualified domain name and not localhost. For example, SSO authentication will not work when specifying "http://localhost:8090". Rather, use a fully qualified domain name such as "http://mailarchiva.company.com:8090".
The fully qualified domain name of the MailArchiva server must be added to Internet Explorer's Local Intranet Zone. This action ensures that your MailArchiva instance is a trusted site.
To circumvent SSO authentication, login directly using the following URL:
Alternatively, edit your server.conf in the configuration path (see File System Layout) as follows: