Re: [squid-users] ntlm locking user accounts in 2003 AD

From: Henrik Nordström <henrik_at_henriknordstrom.net>
Date: Tue, 13 Jul 2010 22:36:17 +0200

mån 2010-07-12 klockan 12:03 -0300 skrev Stacker Hush:

> The problem is when some user request webpages i have alot with of 680 EVENT
> (logon) in Windows events/security, with seconds of interval

This is normal and by design of Microsoft NTLM authentication. Every new
TCP connection by the client to the proxy requires an new NTLM logon
handshake.

The rate of this is reduced a fair bit if you enable HTTP/1.1 support to
clients (2.7 required). But be warned that the HTTP/1.1 client support
in 2.7 is quite experimental.

> and sometimes
> the user account are locked.

That's not normal.

Regards
Henrik
Received on Tue Jul 13 2010 - 20:36:28 MDT

This archive was generated by hypermail 2.2.0 : Wed Jul 14 2010 - 12:00:03 MDT