Enabling Integrated Windows Authentication in Chrome on a Mac

I was surprised at how difficult it was to find this information, given that Chrome is certainly one of the most widely-used browsers in the world, and also that it is commonplace to have Macs connecting to Windows domains.

I found that the domains that would be sent IWA information are set in the AuthServerWhitelist policy. But how to change these policies?

After coming across this article, it appeared that changing the policy via the Terminal window would be the best – and possibly only – way to do this.

Enter the following line into Terminal, using comma-separated domains that you trust with your credentials (with or without wildcards), and press Enter.

$ defaults write com.google.Chrome AuthServerWhitelist "*.domain1.com, *.domain2.net, *.domain3.org"

Restart Chrome.

By accessing chrome://policy, now, you can see the new domains in the policy setting.

Chrome Policies page

While this has not proven to be foolproof – some domains still prompt for a user name and password – it seems to work more often than not.

Leave a Reply