I have Livelink working with Windows Authentication. I can login to the interface with a domain account. I also have a seperate alias setup to not use Integrated Authentication so that regular users, such as Admin, can login. I have the les-services setup for Integrated Auth. If I use Internet Explorer to access a page such as http://localhost/les-services/ContentService.svc I get challenged for my domain user info, and then the page is displayed to me. I can access the les-services from any machine on the domain and the page displays fine.
I have an application that was working fine when Livelink wasn't using Windows Authentication. I could add, edit and search documents and the like. I have updated the Service References for the application and can see that the security sections for the endpoints have been updated properly. I have followed the recommendations in thread https://knowledge.opentext.com/knowledge/llisapi.dll?func=ll&objId=16593319&objAction=viewincontainer and no longer attempt to get a token from the AuthenticationClient service.
The issue is that I am getting a 401 error. The call from my application to the livelink services are server to server connections, whereas when you directly use Internet Explorer to bring up a .svc file it's client to server. The error that is thrown back is "The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'". If I look in the IIS log files it does show that it is a 401 error.
Normally in a .NET server to server service communications you can set the credentials to pass the user/pass information properly (objX.Credentials = System.Net.CredentialCache.DefaultCredentials). There is no way to do so with the Livelink services. I'm not sure if this is relevant or not, but I thought it worth mentioning.
Has anyone ran into this before or know how to resolve the issue?
