Search squid archive

Re: NTLM/Kerberos Authentication with Windows 7

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Wolfgang,
You could try my new negotiate wrapper http://sourceforge.net/projects/squidkerbauth/files/negotiate_wrapper/negotiate_wrapper-1.0.0/negotiate_wrapper-1.0.0.tar.gz/download 

Usage:
auth_param negotiate program /usr/sbin/negotiate_wrapper [-d] --ntlm <ntlm-helper with args> --kerberos <kerberos-helper with args> 

example:
auth_param negotiate program /usr/sbin/negotiate_wrapper -d --ntlm /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --kerberos 
/usr/sbin/squid_kerb_auth -d -s GSS_C_NO_NAME



Markus
"Henickl Wolfgang" <Wolfgang.Henickl@xxxxxx> wrote in message news:D4C860F6883E8B45815499F357CE011C078AFB19@xxxxxxxxxxxxxxxxxxxxxx 
Thanks for the reply!
The major problem is, that the changes in Security Policy of Windows 7 hasn't changed a thing. But I will try it again, therefore my question. I am also unsure, because in Windows 7 a new WinHTTP Version is included, which may also cause problems.
Is there anything, which should be considered, configuring/activating NTLM and Kerberos at the same time in Squid? 

Kind regards
Wolfgang

-----UrsprÃngliche Nachricht-----
Von: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx]
Gesendet: Donnerstag, 03. MÃrz 2011 03:56
An: squid-users@xxxxxxxxxxxxxxx
Betreff: Re:  NTLM/Kerberos Authentication with Windows 7


On Wed, 2 Mar 2011 13:58:04 +0100, Henickl Wolfgang wrote:

Hello,
I am looking for a solution of strange Problem. It seems that WinHTTP
Programs under Windows 7 tend to use Kerberos Authentication, instead
of
NTLM. The problem is, that I am working behind a Squid Proxy that is
only configured for NTLM.

Do somebody know which settings I should modify?
Is there a setting required for "Network security: LAN Manager
authentication level" under Windows 7?
Are there known problems with such a configuration or any FAQs for
troubleshooting such environments?


Sounds like you have found the problem already. The solution is to
either disable the Kerberos security on Windows 7 (rendering the network
back down to NTLM / NT 4.0 LanManager security levels) or upgrade your
squid to accept Kerberos.

The squid wiki has config tutorilas on Kerberos for Squid. It's usually
not too painful add in parallel with NTLM.

Amos
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux