Re: [squid-users] pam_auth and IE

From: Jerry Murdock <jmurdock@dont-contact.us>
Date: Tue, 3 Jun 2003 00:22:28 -0400

If you really don't care about authentication, one of the NTLM helpers
doesn't check passwords - just accepts whatever the browser feeds it.

Jerry
----- Original Message -----
From: "Eric Ferguson" <eric.ferguson@jaguartech.com>
To: "'Jerry Murdock'" <jmurdock@itraktech.com>;
<squid-users@squid-cache.org>
Cc: <doobie.sellers@jaguartech.com>
Sent: Monday, June 02, 2003 8:20 PM
Subject: RE: [squid-users] pam_auth and IE

> Hi Jerry,
>
> Just to make sure I am thinking right then, I need to get NTLM
> authentication running in order to avoid the popups?
>
> The squid box needs to authenticate to a Windows 2000 native AD. All I
> really want to do is get logging of the Windows user ID in the squid
> logs. If I can do this without proxy authentication, I would be fine
> with that too. If you could bear with me, I just have a few questions.
>
> 1. Will NTLM authentication work in a native Windows 2000 AD.
>
> 2. What is the simplest way to get the authentication or logging working
> in a native Windows 2000 AD? (I'm hoping not to have to set up Samba,
> join the domain, etc.)
>
> 3. Do I really need proxy authentication to get basic logging of the
> user ID in the log?
>
> Thanks for all your help!!!
>
> Eric Ferguson
>
>
> -----Original Message-----
> From: Jerry Murdock [mailto:jmurdock@itraktech.com]
> Sent: Monday, June 02, 2003 6:05 PM
> To: Eric Ferguson
> Subject: Re: [squid-users] pam_auth and IE
>
> The behavior your describing is characteristic of NTLM authentication.
>
> With any basic authenticator, you will still get the initial user/pw
> prompt.
>
> Jerry
>
> ----- Original Message -----
> From: "Eric Ferguson" <eric.ferguson@jaguartech.com>
> To: <squid-users@squid-cache.org>
> Sent: Monday, June 02, 2003 5:41 PM
> Subject: [squid-users] pam_auth and IE
>
>
> > Hi All,
> >
> > I am using proxy authentication for squid. My clients are being
> > prompted for user name and password and being authenticated correctly-
> > so far so good. However, I thought IE would send an initial ID and
> > password for the currently authenticated user on its first attempt to
> > authenticate and not require the user to do a manual login.
> >
> > I am currently using the built-in radius helper for squid because the
> > PAM radius authenticator is having problems with Redhat 9.0.
> >
> > Any suggestions would be appreciated.
> >
> > Thanks,
> >
> > Eric
> >
> > Eric.ferguson@jaguartech.com
> >
> >
> >
> >
>
Received on Mon Jun 02 2003 - 22:23:20 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:17:12 MST