Last week I had an issue that some Domino Server didn’t provide SSO through SPNEGO any longer (environment worked for over 2 years now). This environment uses the customized domcfg.nsf template of Andreas Artner , maybe it’s related, but I don’t think so, on Windows 7 with latest Internet Explorer 11 and Domino Servers 9.0.1 with latest fix pack.
So what happened? The Domino servers are placed in the “Local Intranet Zone” of IE through Group Policy from beginning. The Windows administrators started to enable “Enterprise Mode” for better handling of compatibility mode and one of the steps is to deactivate the “Display intranet sites in compatibility View” option.
After this, all sites which are not explicitly configured in “Enterprise Mode” are loading in “Edge Mode” and not longer in quirks mode.
Nearly everything worked fine, XPages load every HTML5 Element, the sites seem to deliver content faster and so on.
BUT:
The configured SPNEGO authentication does not load any longer. The domcfg.nsf loads directly the fallback login form. I analyzed with Fiddler 4 , but nothing suspicious was in the trace. So we configured one Domino Url to load in Quirks Mode (IE Level 5) and Desktop SSO worked immediately. So we played with the different levels and it showed that only the “Edge Mode” in IE11 made problems, when we went a step back and used the IE 10 compatibility mode everything worked: XPages, HTML5 and Desktop Single Sign-On.
I hope this saves you some time during troubleshooting, I think the Enterprise Mode is a trending thing and removing the Quirks Mode is an important step.