On 2/05/2013 2:10 a.m., Romulo Boschetti wrote:
> Hi guys.
>
> We have been using squid for a long time in our company. Right now, i'm testing the latest version ( 3.3.3 so far ) and i'm facing some problems with the authentication process. In our network, we have a "mixed" environment where 95% of the machines are joined in the domain and the other 5% not.
>
> For all "domain" machines the ntlm authentication is working perfectly but for the "non-domain" machines, the basic authentication isn't working and the auth popup keeps showing up.
>
> Do i have to add or change anything in my configuration file to enable this "multiple authentication" feature? The authentication is define as follows:
>
> auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
> auth_param ntlm children 10 startup=10 idle=1
> auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
> auth_param basic children 10 startup=10 idle=1
>
> NOTE: This scenario works like a charm in the 2.x version.
Do you have a lot of old MSIE 5.x or so clients?
You may find you need to add:
auth_param ntlm keepalive off
Which enabled a hack on NTLM auth challenges to make IE 5-6 and some
other older software work properly.
Amos
Received on Thu May 02 2013 - 01:42:53 MDT
This archive was generated by hypermail 2.2.0 : Thu May 02 2013 - 12:00:03 MDT