keisuke.hamanaka@xxxxxxxxxxxxx escreveu:
Sorry,my English is so poor. I 'd like to configure Squid working with NTLM AUTH. Can the clinet which has already logged in Windows' domain access to the Internet transparently? Or Is the client be asked Usename and Password again?
if you by 'transparently' you mean do NOT ask username/password, then NTLM Authentication is what you need. If user is logged on the domain, NTLM Authentication mechanism will fetch logged username and use that on squid ACL/logs without prompting for username/password. If, by some reason, the machine is not logged on the domain, then the user will be prompted for username/password.
if you by 'transparently' mean do NOT have to configure proxy on the browser, then it's NOT possible. Even with NTLM authentication configured and working, users will STILL need to configure their browsers and point it to squid.
There's NO way of doing transparently interception (capturing requests without have proxy configured on the browser) and authenticate these requests by any mechanism, NTLM, digest, etc etc etc. That's simply not possible to have authentication, by any mechanism, on transparently intercepted requests.
-- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertrudes@xxxxxxxxxxxxxx My SPAMTRAP, do not email it
