On Thu, Dec 08, 2011 at 09:14:51PM +0100, Emmanuel Lacour wrote:
>
>
> As negotiate is proposed and IE support it, it always try to
> authenticate with negotiate and so it fails every time.
>
this is by design since XP SP2:
http://support.microsoft.com/kb/891559
I did not found any workaround
(sorry for the thread break, I loosed original messages and cannot find
the Message-ID)
Amos, thanks for your hints.
I did some tests to connect to a kerberos enabled squid from a windows
client not within the AD domain:
squid auth setup is:
negotiate squid_kerb_auth
ntlm
basic (ldap)
As neg
On Tue, 22 Nov 2011 15:34:53 +0100, Emmanuel Lacour wrote:
I enabled kerberos auth on an AD domain with a fallback to ldap basic
auth.
It seems that if someone use the proxy from another lan in another AD
domain on which I have no control, the basic auth is not used.
Is this understandable? Any
I enabled kerberos auth on an AD domain with a fallback to ldap basic
auth.
It seems that if someone use the proxy from another lan in another AD
domain on which I have no control, the basic auth is not used.
Is this understandable? Any way to work around this?