Hi!
On Thursday 10 July 2008, Joseph Piché wrote:
> >> I have a setup with Squid 3.0 stable 7 and DansGuardian 2.9.9.4. I
> >> have been trying to set up authentication using ntlm_auth connecting
> >> to Active Directory. Everything works fine except I get prompted for a
> >> username and password for every single domain.
> >
> > Are you doing transparent interception?
> >
> > authentication and interception is mutually exclusive..
> >
> > For proxy authentication to work proper you need to have the browsers
> > configured to use the proxy, preferably on a shortname så they know it's
> > a local resource and automatically accepts NTLM authentication without a
> > login prompt..
>
> I have iptables forwarding port 80 to port 8080 where dansguardian
> intercepts the request and forwards it to squid which listens on local
> 3128. So, there is no way to do this without configuring browsers? I
> would really like to get around that.
A proxy autoconfiguration script served up by a internal webserver is the
answer! You can even use GPL's on the DC to configure all users browsers as
they log in on the winblows network.
There is quite a few good tuts on pac scripts around the web! Just google 'em!
The javascript is easy to understand and use!
Cheers
Ang
-- Angela Williams Enterprise Outsourcing Unix/Linux & Cisco spoken here! Bedfordview awilliams_at_eoh.co.za Gauteng South Africa Smile!! Jesus Loves You!!Received on Fri Jul 11 2008 - 12:24:53 MDT
This archive was generated by hypermail 2.2.0 : Fri Jul 11 2008 - 12:00:03 MDT