[squid-users] Credentials not kept cross domain

From: Joseph Piché <josephpiche_at_gmail.com>
Date: Thu, 10 Jul 2008 13:14:34 -0500

Hi.

I have a setup with Squid 3.0 stable 7 and DansGuardian 2.9.9.4. I
have been trying to set up authentication using ntlm_auth connecting
to Active Directory. Everything works fine except I get prompted for a
username and password for every single domain. The credentials are
accepted, and I am allowed to browse that domain (ex. www.google.com)
for as long as the credentialsttl is set, but if I try to access a
different domain, then I am asked for my credentials again. I have
referenced all the FAQs and tried to search the mailing list, and
couldn't find anything. My config is below. Also, when I uncomment the
first two lines, then I get asked for credentials twice. Any help
would be greatly appreciated.

#auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
#auth_param ntlm children 15
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 10
auth_param basic realm Proxy
auth_param basic credentialsttl 2 hours
authenticate_ttl 2 hours

cache_effective_group root

visible_hostname slate.tbc2day.edu
shutdown_lifetime 5 seconds
http_port 127.0.0.1:3128 vhost

acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

pid_filename /var/run/squid3.pid
access_log /var/log/squid3/access.log squid
log_mime_hdrs off
forwarded_for off

acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl CONNECT method CONNECT
acl ldap-auth proxy_auth REQUIRED
acl Users src 192.168.0.0/16

always_direct allow localhost

http_access allow manager localhost
http_access deny manager
http_access deny to_localhost
http_access allow ldap-auth Users
http_access allow CONNECT localhost
http_access allow localhost
http_access deny all
miss_access allow all
http_reply_access allow all

Thanks,

Joseph J. Piché
Received on Thu Jul 10 2008 - 18:14:39 MDT
