TR: [squid-users] https analyze, squid rpc proxy to rpc proxy ii6 exchange2007 with ntlm

Progressing in my ntlm/rpcohttps researches

The only reverse proxy that can forward ntlm authentication on outlook
anywhere with ntlm auth is ISA, and in this article it describes what
parameters you must set for this working :

http://blogs.pointbridge.com/Blogs/enger_erik/Pages/Post.aspx?_ID=17

The main parameters are :

. accept all users
And
. No delegation but client may authenticate directly

So the proxy acts "directly" and send credential as if it was the client.

I think squid has to act exactly like ISA to make ntlm auth to work, dunno
if it's possible as ISA is a windows proxy server and surely more
confortable with compatibility.

Regards

Clem

-----Message d'origine-----
De : Amos Jeffries [mailto:squid3_at_treenet.co.nz]
Envoyé : jeudi 8 mars 2012 14:29
À : Clem
Objet : Re: TR: [squid-users] https analyze, squid rpc proxy to rpc proxy
ii6 exchange2007 with ntlm

On 9/03/2012 2:08 a.m., Clem wrote:
> Ok Amos so we go back to same issues, as I said you I have tested all I
> could with the latest 3.2 beta versions before.
>
> So I'm going back to the type-1 ntlm message issue (see my last messages
> with this subject)
>
> And my last question was :
>
>> I think the link SQUID -> IIS6 RPC PROXY is represented by the
>> cache_peer line on my squid.conf, and I don't know if
>> client_persistent_connections
> and
>> server_persistent_connections parameters affect cache_peer too ?

It does.

Amos
Received on Mon Mar 12 2012 - 12:19:42 MDT