Unfortunately I cannot use identd because we use dhcp, and most of the PCs
are used by several people (in shifts), and several users use different PCs
every day, so there's no real relationship between an IP-address and a
user. Further, company policy sort of makes installing things like ident on
the PCs very difficult.
Squid just performs so much better than MS Proxy that it's worth waiting
for. Even if NTLM never makes it into Squid, we'd never ever consider going
back to MS Proxy.
What would be nice is if it was possible to output a page from Squid just
before it tells the browser to pull the authentication box up. That way we
could instruct our users what to do as they're used to not having to enter
a userid/password to get out. Unfortunately I have way too little
experience with Squid (yet) to be able to fix that myself.
Any suggestions?
1) The user requests a url which needs authentication
2) Squid sends out the short instruction page to the browser
3) Squid tells the browser to pull the authentication dialog box up
4) The browser pulls the authentication dialog box up on top of the
instructions page
At 08:10 10/27/1999 +0200, you wrote:
>Or install identd (freeware - search tucosw) in your login script and use
>SQUID WITH identd compiled (I use this, and it works!)
>At 18:00 99-10-26 , you wrote:
>>We have recently switched from MS Proxy to Squid.
>>
>>There's one nice feature in MS Proxy (there _IS_ only one nice feature in
>>MS Proxy) I'm missing from Squid (or at least I think it's missing in Squid...)
>>
>>With MS Proxy, Internet Explorer can pass on the userid/password with
>>which the user logged on to Windows. Our Squid is currently configured
>>with smb_auth and it works great, but now Internet Explorer brings up the
>>Basic Authentication -type login dialog box the first time it hits a page
>>that needs authentication.
>>
>>I'm not sure how MS Proxy does this, but I take it there's some dialog
>>between IE and MS Proxy. Can Squid be configured/patched/hacked to do the
>>same, and if so, does anyone know how, or where I could start looking for
>>clues?
>>
>>With over 4000 users, I'd appreciate not having to explain to all of them
>>that from now on they have to type in their NT userid and password when
>>they start Internet Explorer.
>Or install identd (freeware - search tucosw) in your login script and use
>SQUID WITH identd compiled (I use this, and it works!)
Espen Lyngaas, IT Consultant, Color Group ASA
Espen.Lyngaas@colorline.no Espen.Lyngaas@c2i.net
http://www.team17.com/~elyngaas/
Phone: +47-95063143 +47-22944315 ICQ: 43241796
Received on Wed Oct 27 1999 - 01:33:35 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:49:06 MST