On 19/05/11 11:14, Eliezer Croitoru wrote:
On 18/05/2011 20:24, Stefanos Vizikidis wrote:
I am running version 3.1.11.
well if you have a squid proxy that is not using any auth methods but
only basic ACLS and specific domain\ip no caching options..
it should be weird.
on what port and what protocol this exchange server working?
SSL?
443?
other?
it can might be some cookies problem so you can take a naked squid on
let say ubuntu .. stable one from ubutnu releases 2.7 or 3 and make sure
it works with them.
(proxy only without caching.. )
i dont have an exchange server that i can try it on but if you wish to
send me an account and server i will try to use my squid if you want.
also we will benefit if one of the squid-users have exchange server and
can help us with it.
Eliezer
On Wed, May 18, 2011 at 8:22 PM, Chad Naugle wrote:
What version of Squid3 are you using? Because 3.1.X has a feature
called "connection pinning" that is required for web-based NTLM
authentication to a website, which is separate from the proxy auth.
Stefanos Vizikidis 5/18/2011 12:59 PM
I tried reaching the same Outlook Web Access from outside of the
netwrok through a Squid with no authentication at all and i get the
same results, so i assume that ntlm authentication is not the case.
I don't know if i am not really into the point. Correct me if
disabling ntlm auth will do something else besides what i describe
above.
On Wed, May 18, 2011 at 12:01 PM, Eliezer Croitoru wrote:
disable the NTLM auth for the exchange and local servers..
if they are protected with passwords already and they are
internal\specific
use you can disable for these servers
the need for squid AUTHENTICATION.
On 18/05/2011 11:05, Stefanos Vizikidis wrote:
Hi!
I have recently set up a Squid3 using also Kerberos and NTLM
authentication for integration with Active Directory Services.
My only problem is that the users cannot access the Outlook Web
Access. They get two different login windows and then an Error
Access
Denied.
I have seen that a lot of people have the same issue but i cannot
find
a solution as Exchange 2003 is rather old.
Any help will be good.
If anything needed from the logs i would be glad to post it.
Thanks in advance.
Check that your config matches the example one (we know that works):
http://wiki.squid-cache.org/ConfigExamples/Reverse/OutlookWebAccess
http://wiki.squid-cache.org/ConfigExamples/Reverse/ExchangeRpc
OWA and Exchange are very sensitive about connection details passed on,
so deviation in the cache_peer from the carefully checked example steps
is known to cause issues.
One particularly big *MUST* is that the OWA/Exchange config follows
the reverse-proxy rule of placement near the top of the config file. At
worst, above any other http_access lines.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.12
Beta testers wanted for 3.2.0.7 and 3.1.12.1
