Has anyone gotten pound to work with any NTLM backend (SharePoint, Terminal Services Gateway etc)?
On Mon, Dec 17, 2012 at 2:07 PM, Jordan ROY <[email protected]> wrote: > Hi, > > Did you try to remove the option "httpclose" on you config file ? > > Cordialement, > > Jordan ROY > ------------------------------ > *De :* Joe Gooch [[email protected]] > *Date d'envoi :* lundi 17 décembre 2012 19:54 > *À :* '[email protected]' > *Objet :* RE: [Pound Mailing List] Terminal Services Gateway > > This mailing list is the only method I’m aware of by which you could > make such a submission. > > Joe > > > > > > *From:* Ansar Mohammed [mailto:[email protected]] > *Sent:* Friday, December 14, 2012 10:04 PM > *To:* [email protected] > *Subject:* Re: [Pound Mailing List] Terminal Services Gateway > > > > Is there anyway I can formally log or submit the issue to the pound team? > > On Fri, Dec 14, 2012 at 10:39 AM, Joe Gooch <[email protected]> > wrote: > > Then I guess I’m still confused as to why this doesn’t work… It seems like > the only case I can think of where NTLM might not work, is because it’s a 3 > or 4 step handshake… The second HTTP request might end up at a different > backend. > > > > If you’re in a 1 backend scenario, pound should pass the WWW-Authenticate > and Authentication headers as is, so everything should just work. > > > > Unless I’m missing something. (Which is always possible) > > > > Joe > > > > *From:* Ansar Mohammed [mailto:[email protected]] > *Sent:* Thursday, December 13, 2012 9:15 PM > > > *To:* [email protected] > *Subject:* Re: [Pound Mailing List] Terminal Services Gateway > > > > > One backend. > > no session affinity as it does not apply > > On Thu, Dec 13, 2012 at 1:13 PM, Joe Gooch <[email protected]> wrote: > > Do you have 1 or many backends? > > Are you using session affinity? > > > > Joe > > > > *From:* Ansar Mohammed [mailto:[email protected]] > *Sent:* Tuesday, December 11, 2012 2:27 PM > > > *To:* [email protected] > *Subject:* Re: [Pound Mailing List] Terminal Services Gateway > > > > FWIW I really like pound. > > > > based on several newsgroup postings and the official site NTLM > pass-through is available in 2.6+ and 3.1+ > > > > http://wiki.squid-cache.org/Features/ConnPin > > > > > > > > On Tue, Dec 11, 2012 at 1:26 PM, Joe Gooch <[email protected]> wrote: > > I was similarly curious… Because pound doesn’t do anything to or with > authentication, it just passes the HTTP traffic as is. > > > > I would think w/ NTLM, however, it’s possible dns and nat type situations > may play into things. (how does the client connect to the domain > controller/KDC) > > > > Have you tried it with Squid, and/or why do you feel squid will do the job? > > > > Joe > > > > > > *From:* Ansar Mohammed [mailto:[email protected]] > *Sent:* Tuesday, December 11, 2012 1:19 PM > *To:* [email protected] > *Subject:* Re: [Pound Mailing List] Terminal Services Gateway > > > > Understood, pound does not authenticate users. > > > > Consider the following: > > I have an Exchange 2010 Server with Outlook Anywhere(RPC over HTTP) > working perfectly fine with Basic Authentication. From the time I switch > Exchange 2010 to NTLM, Outlook Anywhere ceases to function. If however I > bypass pound, Outlook Anywhere with NTLM works fine. > > > > Based on my test it seems that pound does not like NTLM authentication. > Which is why Terminal Services gateway does not work (it uses NTLM). > > > > > > > > > On Tue, Dec 11, 2012 at 12:00 PM, Robert Segall <[email protected]> wrote: > > On Sam, 2012-12-08 at 20:21 -0500, Ansar Mohammed wrote: > > Hello All, > > There has been a few discussions on this list around pound, Terminal > > Services Gateway and the lack of NTLM support. > > Is that something that is on the roadmap for pound, or should I just > > switch to squid? > > Forgive my curiosity, but what is your use case? Pound does no > authentication, so I don't see how that would be useful. > -- > Robert Segall > Apsis GmbH > Postfach, Uetikon am See, CH-8707 > Tel: +41-32-512 30 19 > > > -- > To unsubscribe send an email with subject unsubscribe to [email protected]. > Please contact [email protected] for questions. > > > > > > > > >
