Hello, What I can see :
........ USER with outlook PROXY RPC enabled with NTLM auth -> PROXY RPC IIS6/Exchange 2007 Outlook sends credentials, the proxy handles them and open exchange mailbox. ........ USER with outlook PROXY RPC enabled with NTLM auth -> SQUID PROXY -> PROXY RPC IIS6/Exchange 2007 The user sends credentials via squid, squid can't forward them exactly to the Exchange/IIS6 RPC Proxy and the proxy denies In the https analyzer I can see the NTLM request header is very short when we use squid and when we don't use it this header is very long ... Like this NTLM TlRMTVNTUAADAAAAGAAYAJgAAABkAWQBsAAAABoAGgBYAAAAEAAQAHIAAAAWABYAggAAAAAAAAAU AgAABYKIogYBsR0AAAAPOq4/lcuCWEXBWP01xOfE7UUAVQBSAE8AUwBJAFQATgBFAFYARQBSAFMA YQAuAHcAYQBxAHUAZQB0AEEALQBXAEEAUQBVAEUAVAAtAEgAUAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAA4lx3+SYlVeSBpzbj9B93OAQEAAAAAAABuLvLQdfjMAYEqGS4sEy38AAAAAAIAGgBFAFUA UgBPAFMASQBUAE4ARQBWAEUAUgBTAAEAFgBFAFUAUgBPAFMASQBUAE0AQQBJAEwABAAgAGUAdQBy AG8AcwBpAHQAbgBlAHYAZQByAHMALgBmAHIAAwA4AGUAdQByAG8AcwBpAHQAbQBhAGkAbAAuAGUA dQByAG8AcwBpAHQAbgBlAHYAZQByAHMALgBmAHIABQAgAGUAdQByA[.....] For direct connection And whith squid : NTLM TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw== Like it's stucked, I dunno The analyzer tells me that : WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity MAY include relevant diagnostic information. HTTP access authentication is explained in section 11. Still stucked there ... Regards Clem
