If you require authentication you will need to enable Authentication Support
Navigate to BlackBerry Solution Topology > BlackBerry Domain > Component View > MDS Connection Service
Goto the HTTP Tab and change Authentication Support Enabled to YES
To configure the proxy mappings:
Navigate to BlackBerry Solution Topology > BlackBerry Domain > Component View > MDS Connection Service > <on each server>
Goto the Proxy Mappings Tab and create a new Universal Resource Locator:
Enter the URL for your Intranet (e.g http://intranet.*
Under Proxy Type, change this to DIRECT as I guess connections to your Intranet would be direct and not go via your Proxy Server.
You can leave the credentials area blank as this will then prompt the user to authenticate when they try to access the Intranet from the device, else you could enter generic credentials if you don't have different areas of your intranet open to specific users.
Note, you need to fix click on the PLUS sign down in the Proxy Type area, then the PLUS up at the URL area.
Once that has been saved into the list, you will then want to move this up the priority list to the top I expect.
Once you have done all that in the BAS, login to the actual MDS CS Server itself and explore to:
\Program Files (x86)\Research In Motion\BlackBerry Enterprise Server\MDS\Servers\instance\config
Open the MDSLogin.conf file and amend any entries for COMPANY.COM to the name of your internal domain (in uppercase I believe). This will pre-populate the domain field when users are asked to authenticate for access from the device.
Restart the MDS-CS Services and you should be good to go.