[squid-users] Squid web proxy NTLM authentication problems

From: Dennis Apel <apel_at_babtec.de>
Date: Tue, 17 Nov 2009 11:58:14 +0100

Hi everybody!

I'm using the Win32 port of Squid 2.7 STABLE7 and I've run into a problem using NTLM authentication. With Squid NTLM authentication is handled by a helper app, mswin_ntlm_auth.exe. On every version of Windows up to Server 2008 this has worked fine, but on 2008 and 2008R2 the validation of the user credentials fails, so in IE you repeatedly get the password prompt even when you put in the correct username and password.

The same config works fine on Windows 2000, Windows 2003 but fails on 2008, so my guess is that something has changed in the default NTLM settings in Server 2008. However so far my google-fu has failed to find anything useful

Another interesting fact is that on the machine running squid it works flawlessly authenticating and accessing web sites. The access.log shows TCP_DENIED/407 for all attempts to access websites from other machines while it shows normal entries when accessing websites from the proxy itself.

If anyone got squid working on 2k8 or has a tip for me I'd be very grateful to hear the details!

Cheers,
Dennis
Received on Tue Nov 17 2009 - 10:58:17 MST

This archive was generated by hypermail 2.2.0 : Tue Nov 17 2009 - 12:00:04 MST