Hi,
I have setup squid authentication with Kerberos to the 2003 Active
Directory. I could test it successfully to all browsers but failed in IE6.
So I used following squid.conf to get NTLM auth for IE6
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
#auth_param negotiate program /usr/sbin/squid_kerb_auth -d
auth_param negotiate program /usr/local/bin/negotiate_wrapper -d --ntlm
/usr/bin/ntlm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp
--domain=SYSNET.LOCAL --kerberos /usr/sbin/squid_kerb_auth -d -s
GSS_C_NO_NAME
auth_param negotiate children 10
auth_param negotiate keep_alive on
### pure ntlm authentication
auth_param ntlm program /usr/bin/ntlm_auth --diagnostics
--helper-protocol=squid-2.5-ntlmssp --domain=SYSNET.LOCAL
auth_param ntlm children 10
auth_param ntlm keep_alive off
acl auth proxy_auth REQUIRED
But the question is it need separate configuration as in ### pure ntlm
authentication for specifically for NTLM?
Is it never work with first entries only which supposed to be worked with
both NTLM and Kerberos ?
Thanks,
Br
abusam
Received on Sat Jun 30 2012 - 11:36:30 MDT
This archive was generated by hypermail 2.2.0 : Sat Jun 30 2012 - 12:00:04 MDT