Dear James, Thanks for the attention. Yes, I´m talking about Debian APT Tool =]. And I´ve already configured apt.conf so to use the proxy, adding username and password in it, but even so it´s not working, and my proxy keeps returning HTTP 407. Tried creating a user "me" with password "123456" inside my AD domain, and it´s not working as well. Maybe something in my Squid auth configuration, but I´m not sure.
2009/2/2 James Zuelow <james_zue...@ci.juneau.ak.us>: > >> -----Original Message----- >> From: Henrique Machado [mailto:henrique.cic...@gmail.com] >> Sent: Monday, 02 February, 2009 06:49 >> To: squid-users@squid-cache.org >> Subject: [squid-users] Certain applications when using NTLM auth > >> But, some applications, APT being a very simple example (and one of my >> headaches) can´t ask for an input. And even configuring it to send >> user´s credentials doesn´t seen to work (Squid keeps replying with >> 407). > > You will always get 407 replies with NTLM authentication. It is just how the > protocol is designed. > >> I presume that the behavior "wait until I ask for auth credentials" is >> necessary for the complete functionality, so Squid just ignores the >> info that´s initially sent. > > Apt as in the Debian apt tool? I have a variety of Debian boxes (used to be > Sarge, now Etch and Lenny) that authenticate to squid via NTLM, and this > "just works" for me: > > Set up an /etc/apt/apt.conf file like this: > > Acquire::http::Proxy "http://username:passw...@10.11.12.13:3128/";; > > Where username and password are for a service account you create in active > directory. You can use a human's account, but the password will be in > plaintext with the apt.conf file, so I don't suggest it. Easier to create a > service account and then just tightly lock it down in AD. (All you need is > that the squid proxy can authenticate to it.) > > And of course 10.11.12.13:3128 is whatever IP address/port your Squid lives > on. > > If you've already done this and it doesn't work, maybe there's a typo. I've > used apt with NTLM for years and it has been rock solid. > > And of course if it is another apt you're talking about, none of this > applies. :) > > James >
