Hi, I'm hoping someone can help with this possibly trivial issue.
I am trying to configure NTLM authentication on my Redhat 9 box by following the instructions in the new O'Reily squid book... I have configured NTLM authentication with the SMB helper. When I connect to the proxy using IE6sp1 I am prompted for my user credentials. Submitting them elicits the correct response, but I was under them impression that when using IE I should not see a password prompt at all - i.e. it uses passthrough authentication. Am I wrong? I have configured squid.conf with the following: auth_param ntlm program /usr/lib/squid/ntlm_auth domain\dc auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes which was pasted straight out of the examples in the file and it is the same the example in the book. I am using the following acl and http_access rule: acl admins proxy_auth idbs\aanderson http_access allow !admins This is to prevent access only to myself... And, like I said, it works after I've been prompt for username/password. Squid is compiled as follows: Squid Cache: Version 2.5.STABLE5 configure options: --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/usr/com --mandir=/usr/share/man --infodir=/usr/share/info --exec_prefix=/usr --bindir=/usr/sbin --libexecdir=/usr/lib/squid --localstatedir=/var --sysconfdir=/etc/squid --enable-poll --enable-snmp --enable-removal-policies=heap,lru --enable-storeio=aufs,coss,diskd,ufs --enable-ssl --with-openssl=/usr/kerberos --enable-delay-pools --enable-linux-netfilter --with-pthreads --enable-basic-auth-helpers=LDAP,NCSA,PAM,SMB,SASL,MSNT --enable-auth --enable-ntlm-auth-helpers=SMB,winbind --enable-ntlm-fail-open --enable-external-acl-helpers=ip_user,ldap_group,unix_group,wbinfo_group,winbind_group I downloaded and installed the latest sources from squid-cache.org and assume that this will include the latest patches? Is it possible to configure Squid to so users are not prompted for logon credentials? Thanks Ash Anderson MCP, MCSA, A+. ID Business Solutions. Tel: +44 (0)1483 595000 **************************************************************************** XLfit 4 is now available. Powerful curve fitting, statistics and results presentation for Excel. Trial XLfit 4 for 30 days free of charge and without obligation: http://www.id-bs.com/xlfit4 ***************************************************************************** The information contained in this email may contain confidential or legally privileged information. If you are not the intended recipient any disclosure, copying, distribution or taking any action on the contents of this information may be unlawful. If you have received this email in error, please delete it from your system and notify us immediately. Any views expressed in this message are those of the individual sender, except where the message states otherwise. IDBS takes no responsibility for any computer virus which might be transferred by way of this email and recommends that you subject any incoming E-mail to your own virus checking procedures. We may monitor all E-mail communication through our networks. If you contact us by E-mail, we may store your name and address to facilitate communication. **********************************************************************
