Hi! On Fri, Jul 11, 2008 at 4:17 PM, Joseph Piché <josephpiche@xxxxxxxxx> wrote: >>> I have a setup with Squid 3.0 stable 7 and DansGuardian 2.9.9.4. I >>> have been trying to set up authentication using ntlm_auth connecting >>> to Active Directory. Everything works fine except I get prompted for a >>> username and password for every single domain. >> >> Are you doing transparent interception? >> >> authentication and interception is mutually exclusive.. >> >> For proxy authentication to work proper you need to have the browsers >> configured to use the proxy, preferably on a shortname så they know it's >> a local resource and automatically accepts NTLM authentication without a >> login prompt.. > > > I have iptables forwarding port 80 to port 8080 where dansguardian > intercepts the request and forwards it to squid which listens on local > 3128. So, there is no way to do this without configuring browsers? I > would really like to get around that. I use automatic browser configuration (via dns, dhcp ... or both ). And I think you could add an informative page, via port redirection, where you explain how to configure the browser for proxy autoconfiguration (or how to configure the browser manually). Hope this helps, Ildefonso Camargo.
