On 2/05/2013 2:10 a.m., Romulo Boschetti wrote:
Hi guys.
We have been using squid for a long time in our company. Right now, i'm testing the
latest version ( 3.3.3 so far ) and i'm facing some problems with the authentication
process. In our network, we have a "mixed" environment where 95% of the
machines are joined in the domain and the other 5% not.
For all "domain" machines the ntlm authentication is working perfectly but for the
"non-domain" machines, the basic authentication isn't working and the auth popup keeps
showing up.
Do i have to add or change anything in my configuration file to enable this
"multiple authentication" feature? The authentication is define as follows:
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 10 startup=10 idle=1
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 10 startup=10 idle=1
NOTE: This scenario works like a charm in the 2.x version.
Do you have a lot of old MSIE 5.x or so clients?
You may find you need to add:
auth_param ntlm keepalive off
Which enabled a hack on NTLM auth challenges to make IE 5-6 and some
other older software work properly.
Amos
