Hi! On Thursday 10 July 2008, Joseph Piché wrote: > >> I have a setup with Squid 3.0 stable 7 and DansGuardian 2.9.9.4. I > >> have been trying to set up authentication using ntlm_auth connecting > >> to Active Directory. Everything works fine except I get prompted for a > >> username and password for every single domain. > > > > Are you doing transparent interception? > > > > authentication and interception is mutually exclusive.. > > > > For proxy authentication to work proper you need to have the browsers > > configured to use the proxy, preferably on a shortname så they know it's > > a local resource and automatically accepts NTLM authentication without a > > login prompt.. > > I have iptables forwarding port 80 to port 8080 where dansguardian > intercepts the request and forwards it to squid which listens on local > 3128. So, there is no way to do this without configuring browsers? I > would really like to get around that. A proxy autoconfiguration script served up by a internal webserver is the answer! You can even use GPL's on the DC to configure all users browsers as they log in on the winblows network. There is quite a few good tuts on pac scripts around the web! Just google 'em! The javascript is easy to understand and use! Cheers Ang -- Angela Williams Enterprise Outsourcing Unix/Linux & Cisco spoken here! Bedfordview awilliams@xxxxxxxxx Gauteng South Africa Smile!! Jesus Loves You!!
