I recently installed an SME/e-Smith 5.6 (Linux distro based on Redhat 7.3) server/firewall at a client site that must connect to a certain website that requires authentication - what appears to be Microsoft NTLM authentication complete with domain name. Before installing the SME server the client used a dialup Internet connection and had no problem with entering the username, password and domain in the Microsoft "Enter Network Password" login screen that comes up when he goes to the site. He would click on "save password" and never see the login box during that Internet Explorer session.
After installing SME in server/gateway mode using a DSL connection, the user gets the login screen multiple times (sometimes dozens of times) in order to go to the site or many of the pages on the site. Checking "save password" seems to have no effect when going through the SME server, resulting in entering a password as much as a hundred times or more in a day. I have tested this by removing one or more machines (both Win98 and Win2000, with IE 6) from the SME network and connecting them directly to the Internet. After the first login screen, navigation through the site works with no additional login screens popping up. Returning the systems to the SME server network brings the problem back. (I have even tried XP workstations and another server). Since the client constantly uses this site and it's vital to his business (it's even his home page) this is driving him crazy. I have searched a good bit and seen that there are some problems with NTLM authentication and Squid, but I confess that the discussions are over my head and I'm not even sure I'm on the right track. I have spent a good many hours playing with various IE settings to no avail. Tech support from the site in question is non-existent in our case - we have to solve the problem on our own. I don't want to have to pull the server because of this nasty little problem. There have been suggestions that a Microsoft server/firewall will solve this problem. The starting home page for this website is a default.asp page. I do not know if they are downloading an activex control and am not sure how to tell. As a test I tried the "direct connect" option by placing the below two lines (for the relevant domain) in the squid.conf file, and restarted squid. This did not help. Note that I put the two lines just below the "acl webdav" line in the squid.conf file as follows: acl webdav method PROPFIND TRACE PURGE PROPPATCH MKCOL COPY MOVE LOCK UNLOCK acl clientsite dstdomain .clientsite.com always_direct allow clientsite I also tried this from the squid FAQ: acl clientsite dstdomain .clientsite.com no_cache deny clientsite to not cache this server - no luck. Still get the multiple logins with the password not being saved. Note: we are using SQUID 2.4.Stable6 and re-installing or updating Squid is not an easy option on the SME distro. Modifications to config files are OK. Any suggestions would be greatly appreciated. jim [EMAIL PROTECTED]
