Thanks for the feedback. Apparently it's going to take a lot of different components to fix NTLM. Toan -----Original Message----- From: Henrik Nordstrom [mailto:henrik@xxxxxxxxxxxxxxxxxxx] Sent: Wednesday, April 19, 2006 3:54 AM To: sanguis@xxxxxxxxx Cc: squid-users@xxxxxxxxxxxxxxx Subject: Re: Re: Squid + NTLM and TCP_DENIED for each request tis 2006-04-18 klockan 20:45 +0200 skrev Joost de Heer: > That's NTLM handshaking, it's normal behaviour. Blame MS for creating a > crappy implementation of the authentication mechanism. Will get better the day we can switch to use Kerberos/SPNEGO authentication.. but unfortunately not yet sufficiently supported in any of the involved components (browers, Squid, Samba) to be deployed seriously.. The Squid side of things is available in Squid-3, or as a patch to 2.5 at devel.squid-cache.org. The Samba side is available in Samba-4, and the MSIE browser side of things is available in the next Windows version.. Regards Henrik