I have seen this problem on a windows 7 and a Fedora 16 machine. I think i can rule out the windows machine for once ;) I am using FF on the linux machine... is that known to have double ntlm issues? Simon On Wed, 2012-04-18 at 19:36 +0200, Clem wrote: > Hello, > > Try to set "Send LM & NTLM - use NTLMv2 session security if negotiated" > in local policies (secpol.msc) > > Go to: Local Policies > Security Options > > Find "Network Security: LAN Manager authentication level" > > Change Setting from "Send NTLMv2 response only" > to > "Send LM & NTLM - use NTLMv2 session security if negotiated" > > Good luck ! > > > Clem > > Le 18/04/2012 18:51, Javier Conti a écrit : > > On 18 April 2012 07:33, Simon Dwyer<mail@xxxxxxxxxx> wrote: > >> Hi all, > >> > >> I have just implemented squid with kerberos + ntlm + basic > >> authentication. > >> > >> I have just been told accessing a sharepoint website on the internet has > >> stopped working. > >> > >> It seems the site is running NTLM authentcation. > >> > >> I have wiresharked the traffic on the proxy and can see the request come > >> in from the client then out to the web server and the NTLM fields are > >> left in place. > >> > >> The sharepoint server is responding with a 401 unauthroized. > >> > >> Where would be the next place to start looking? > > Are you trying with Windows 7 clients? If yes, have you tried with a Windows > > XP one? > > > > I'm facing the same problem (getting Integrated Windows Authentication to > > work through Squid) and as long as clients are Windows XP it works fine. > > > > If this is the case, I can tell you that we already tried to lower the > > security settings in Windows 7 to something comparable to those of Windows > > XP but still see differences in behaviour (and still have the problem)... > > > > Regards, Javier > > > > PS: excuse me OP if the message went through twice, but Andoird doesn't > > let me send plain text emails and the first one got bounced :( > > > >> I am running 3.1.10. > >> > >> Thanks all, > >> > >> Simon > >>
