Perfect...so if we use a generic account name (which is an AD account) called: "genericuser" I could make a file with the name "genericuser" in it on squid and use the deny, which will then prompt for a login. They could then use their real AD accounts. I'll have to try this. -----Original Message----- From: Henrik Nordstrom [mailto:henrik@xxxxxxxxxxxxxxxxxxx] Sent: Monday, January 15, 2007 7:34 PM To: Nick Duda Cc: squid-users@xxxxxxxxxxxxxxx Subject: Re: Squid to prompt for NTLM mån 2007-01-15 klockan 10:31 -0500 skrev Nick Duda: > I have squid setup so that it requires NTLM authentication. If your > logged in with a domain username it automatically authenticates the user > (doesn't popup logon box). How can I make it so that even if they are > logged in with a domain user it will ask them for NTLM auth? If they are logged in with an acceptable account there is little you can do, but you can make it prompt a login box if the currently logged in account is not acceptable. acl badusers proxy_auth badusername http_access deny badusers Regards Henrik
