We ended up using AD Group policy to not go through
the proxy for that site... not ideal, but just to make
sure I understand the other way to do it....
You can put the http_access with the acl before the
http_access allow_ntlm and it should work?
--- Mark Elsen <mark.elsen@gmail.com> wrote:
> > Is it possible to have my ntlm users go around 1
> > domain? We can't seem to get a state web site
> (which
> > uses a weird front end to it's client... but it
> ends
> > up on the web) to go through the proxy. When we
> sniff
> > the traffic locally, it is popping up a 407, but
> their
> > isn't anyway to log in.
> >
> > I tried to put an acl and http_access higher in
> the
> > list in the .conf, but that didn't seem to matter?
> >
>
> It would have been more productive to show that
> line, which you put
> for that domain in squid.conf, offhand & probably it
> should
> resemble something like this :
>
> acl ntlm_go_around dstdomain name-excluded-domain
> ...
>
> http_access allow ntlm_go_around
> http_access allow ntlm_users (provided proxy
> AUTH ACL is named 'ntlm_users')
>
> M.
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Received on Fri Feb 24 2006 - 13:57:34 MST
This archive was generated by hypermail pre-2.1.9 : Wed Mar 01 2006 - 12:00:04 MST