Hi, I have setup squid authentication with Kerberos to the 2003 Active Directory. I could test it successfully to all browsers but failed in IE6. So I used following squid.conf to get NTLM auth for IE6 # # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS # #auth_param negotiate program /usr/sbin/squid_kerb_auth -d auth_param negotiate program /usr/local/bin/negotiate_wrapper -d --ntlm /usr/bin/ntlm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp --domain=SYSNET.LOCAL --kerberos /usr/sbin/squid_kerb_auth -d -s GSS_C_NO_NAME auth_param negotiate children 10 auth_param negotiate keep_alive on ### pure ntlm authentication auth_param ntlm program /usr/bin/ntlm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp --domain=SYSNET.LOCAL auth_param ntlm children 10 auth_param ntlm keep_alive off acl auth proxy_auth REQUIRED But the question is it need separate configuration as in ### pure ntlm authentication for specifically for NTLM? Is it never work with first entries only which supposed to be worked with both NTLM and Kerberos ? Thanks, Br abusam
