Hello Amos, happy to hear from you! >> 1) in squid.conf, i have to specify windows user with the first capital >> letter. Ex: user = User@DOMAIN. >> If i specify user@DOMAIN i have no authentication to surf > > Case sensitivity has nothing to do with Squid. The user details are part > of the encrypted data transferred directly between your client software > and your authentication system. When users login the authentication > system informs Squid what username just logged in - Squid uses that > label exactly as received. But, if i write, in squid.conf in proxy_auth acl, user instead of User, Squid do not grant access, with authentication deny. Is there a way to accept "user" and "User" at the same way? > > Yes. This is how authentication works in general. Client connects, > server requests credentials, client repeats with credentials and gets > whetever response is appropriate for that. When working with 2008 and 2008 R2 domain controller, kerberos authentication is better than ntlm, is it right? Thank you! Francesco
