> I have configured squid 3.0 with NTLM, and this configuration in
> squid.conf is:
>
> auth_param ntlm program /usr/local/bin/ntlm_auth
> --helper-protocol=squid-2.5-ntlmssp
> auth_param ntlm children 30
> auth_param ntlm max_challenge_lifetime 2 minutes
>
> auth_param basic program /usr/local/bin/ntlm_auth
> --helper-protocol=squid-2.5-basic
> auth_param basic children 5
> auth_param basic realm Squid proxy-caching web server
> auth_param basic credentialsttl 2 hours
>
> When a test the ntlm auth, in the Explorer client with a user
> authenticate in Domain Controller Windows 2003, the explorer or
> firefox show popup of the basic auth.
> How to use the ntlm auth with an user of the domain group without auth
> basic?
Remove the basic configuration to not use it.
You NTLM is broken by the sound of it if its always falling back on basic.
Although the login box does not necessarily mean basic is being used. It
could just be that the browser has no working credentials for the user to
login NTLM with.
Amos
Received on Mon Dec 17 2007 - 17:34:06 MST
This archive was generated by hypermail pre-2.1.9 : Tue Jan 01 2008 - 12:00:02 MST