Re: [squid-users] can squid perform authentication without prompting users for usernames and passwds ?

From: Robert Collins <robertc@dont-contact.us>
Date: 10 Mar 2003 21:56:19 +1100

On Mon, 2003-03-10 at 21:48, reymc@eurecom.fr wrote:
> Thanks a lot for the answer...here come two additionnal questions and one
> explanation.
>
> but what do you mean by "having a domain" ?

Microsoft organises users by 'Domains'. Each Domain has a set of Domain
Controllers. Domain Controllers perform authentication for users when
you use the NTLM scheme. Without an NT Domain, and thus Domain
Controllers, NTLM won't work.

> I thought people were using ntlm authentication for this purpose (I mean not
> being prompted for password). I guess I don't understand properly the benefits
> of using such a scheme.
> Could you just tell me in a few words what would be the benefits of using the
> ntlm authentication scheme ?

NTLM allows 'single sign on' for Microsoft networks.

> About the way ntlm authentication was performed with border manager:
> we had a program "Novell Client Trust" that communicated with the Border
> Manager Proxy, supplying it with the logon information we had entered when
> logging into SDS2000.

Thats not NTLM. NTLM is NTLanManager.

> Then if this information corresponds to what Border
> Manager has in its text file of authorised users (which file is built by
> exporting the list of Lotus Notes authorised users), then access to the
> Internet is allowed.

Yep. The Novell Client Trust communications path is what would need to
be documented, as a starting point.

Rob

-- 
GPG key available at: <http://users.bigpond.net.au/robertc/keys.txt>.

Received on Mon Mar 10 2003 - 03:56:29 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:58 MST