Hi, I'm in the folloqing setup with Squid 2.7STABLE3 :
Client ---> Squid ---> NTLM enabled proxy with transparent auth ---> Internet I use the following configuration directives to achieve this: cache_peer 172.17.86.27 parent 8080 0 proxy-only no-query default no-digest login=PASS persistent_connection_after_error on never_direct allow all My clients are member of an active directory domain, and get authenticated transparently (no auth pop-up) through my squid server . It works correctly with windows XP/2000/2003 clients, but i'm facing a problem that occurs only on 2008/ SEVEN clients: I get intempestive login pop-ups with these clients on some websites, especially when browsing the following page : https://www-304.ibm.com/support/docview.wss?uid=swg27017522 If I look at my NTLM enabled proxy logs, i can see for each error the following entries : httpproxy[15164]: [0xb1366f38] auth_adir_auth_crap_callback (auth_adir.c:883) Authorization denied (NT_STATUS_WRONG_PASSWORD) After that, and because our password policy locks accounts after 3 auth failures, the user is locked out. I already tried to force on client side " Send only NTLMv2 responses " and disable 128Bit encryption enforcement, but no luck. if anybody has a clue... Thank you.
