Progressing in my ntlm/rpcohttps researches The only reverse proxy that can forward ntlm authentication on outlook anywhere with ntlm auth is ISA, and in this article it describes what parameters you must set for this working : http://blogs.pointbridge.com/Blogs/enger_erik/Pages/Post.aspx?_ID=17 The main parameters are : . accept all users And . No delegation but client may authenticate directly So the proxy acts "directly" and send credential as if it was the client. I think squid has to act exactly like ISA to make ntlm auth to work, dunno if it's possible as ISA is a windows proxy server and surely more confortable with compatibility. Regards Clem -----Message d'origine----- De : Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] Envoyé : jeudi 8 mars 2012 14:29 À : Clem Objet : Re: TR: https analyze, squid rpc proxy to rpc proxy ii6 exchange2007 with ntlm On 9/03/2012 2:08 a.m., Clem wrote: > Ok Amos so we go back to same issues, as I said you I have tested all I > could with the latest 3.2 beta versions before. > > So I'm going back to the type-1 ntlm message issue (see my last messages > with this subject) > > And my last question was : > >> I think the link SQUID -> IIS6 RPC PROXY is represented by the >> cache_peer line on my squid.conf, and I don't know if >> client_persistent_connections > and >> server_persistent_connections parameters affect cache_peer too ? It does. Amos
