there lots of options in internet explorer -- Tools-> Internet Options -> security Tab --- select a zone and choose "custom level button". there is a field for "user authentication below" have you tried playing around with these ? you could also try enabling "use http 1.1 through proxy connections" under the advanced TAB. could be of some help. Quoting Adrian Chadd <adrian@xxxxxxxxxxxxxxx>: > Is there any possibility of getting some funding for this work? > > Its not for me: I don't know much about the NT code at all. > But I'm sure there's a squid developer or two there who is willing > to sort through all of the niggling NTLM authentication problems. > > > > Adrian > > On Sun, Jun 18, 2006, Scott Jarkoff wrote: > > I would truly love to say otherwise, however I have been unable to > > reconcile this problem once and for all. While the popups do not > > appear to be as frequent as they used to be, after a minor > > modification to my smb.conf file, they are still present. Because of > > this I am unable to get Squid deployed throughout our enterprise. > > > > > > scott > > > > > > On 6/16/06, Ngo, Toan <tngo@xxxxxxxxxx> wrote: > > >Are there any more suggestions on the random auth prompts? > > > > > >Thanks. > > > > > >-----Original Message----- > > >From: Ngo, Toan > > >Sent: Monday, June 05, 2006 9:09 AM > > >To: Guido Serassio; Visolve squid; Scott Jarkoff > > >Cc: squid-users@xxxxxxxxxxxxxxx > > >Subject: RE: Random authentication popups > > > > > >SMB.CONF > > > > > > [global] > > > workgroup = DOMAIN > > > realm = DOMAIN.COM > > > netbios name = PROXY-01 > > > > > > server string = Proxy Server > > > log file = /var/log/samba/%m.log > > > security = ads > > > password server = dc1.domain.com dc2.domain.com dc3.domain.com > > > > > > idmap uid = 16777216-33554431 > > > idmap gid = 16777216-33554431 > > > winbind separator= \\ > > > # allow enumeration of winbind users and groups > > > winbind enum users = yes > > > winbind enum groups = yes > > ># winbind use default domain = yes > > > template shell = /sbin/nologin > > > encrypt passwords = yes > > > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > > > local master = no > > > wins server = x.x.x.x > > > dns proxy = no > > > > > >SQUID.CONF > > >auth_param ntlm program /usr/bin/ntlm_auth > > >--helper-protocol=squid-2.5-ntlmssp > > >auth_param ntlm children 50 > > >auth_param ntlm max_challenge_reuses 0 > > >auth_param ntlm max_challenge_lifetime 2 minutes > > >auth_param ntlm use_ntlm_negotiate on > > >auth_param basic program /usr/bin/ntlm_auth > > >--helper-protocol=squid-2.5-basic > > >auth_param basic children 10 > > >auth_param basic realm Squid proxy-caching web server > > >auth_param basic credentialsttl 3 minutes > > > > > >-----Original Message----- > > >From: Guido Serassio [mailto:guido.serassio@xxxxxxxxxxxxxxxxx] > > >Sent: Saturday, June 03, 2006 2:05 AM > > >To: Ngo, Toan; Visolve squid; Scott Jarkoff > > >Cc: squid-users@xxxxxxxxxxxxxxx > > >Subject: RE: Random authentication popups > > > > > >Hi, > > > > > >At 01.34 03/06/2006, Ngo, Toan wrote: > > > > > >>I get these messages in cache.log. > > >> > > >>[2006/06/02 16:22:51, 1] libsmb/ntlmssp.c:ntlmssp_update(252) > > >> got NTLMSSP command 3, expected 1 > > >>[2006/06/02 16:24:30, 1] libsmb/ntlmssp.c:ntlmssp_update(252) > > >> got NTLMSSP command 3, expected 1 > > >>[2006/06/02 16:25:39, 1] libsmb/ntlmssp.c:ntlmssp_update(252) > > >> got NTLMSSP command 1, expected 3 > > >>[2006/06/02 16:26:04, 1] libsmb/ntlmssp.c:ntlmssp_update(252) > > >> got NTLMSSP command 3, expected 1 > > >> > > >>Any ideas? Are others seeing the same log messages when the random > > >>login prompts? > > > > > >This is the trace of some out of order NTLM packets, the messages > > >come from Samba's ntlm_auth helper. > > > > > > From your previous message, I can read that you are using Samba > > >3.0.14a, 3.0.22 would be better, please do you can post your smb.conf > > >and the auth_param section of your squid.conf. > > > > > >Regards > > > > > >Guido > > > > > > > > > > > >- > > >======================================================== > > >Guido Serassio > > >Acme Consulting S.r.l. - Microsoft Certified Partner > > >Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY > > >Tel. : +39.011.9530135 Fax. : +39.011.9781115 > > >Email: guido.serassio@xxxxxxxxxxxxxxxxx > > >WWW: http://www.acmeconsulting.it/ > > > > > > > > > > > > > > > > > > > > > > > > -- > > Scott Jarkoff > > wase --------------------------------------------------------------- ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.
