Michael Mansour wrote:
> Hi,
>
> I have Squid authenticating AD domain accounts (via it's LDAP helper)
> to an AD backend, if the user is part of an allowed "Internet Users"
> group they get internet access, if they don't authenticate or aren't
> part of the "Internet Users" group they don't get internet access.
>
> What I'm after is a way to get rid of the "pop up" authentication
> Window when the browser starts and uses the Squid proxy server.
>
> The Windows workstations that access Squid are all part of an AD
> domain and the users that login to those workstations login with
> their valid AD accounts.
>
> I've tested various solutions from Web searches for NTLM pass-thru,
> where for example, Firefox has "about:config" and ntlm settings you
> can set in there, and for IE adding URL's to the Intranet zone, but
> they don't work. I keep having Squid prompt for a username and
> password.
Are the browsers using NTLM or Kerberos? it makes a difference if Squid
is only configured for one.
You have a bit of a problem if you want to stop the startup popup. It
usually only occurs when the browser has no working login credentials to
pass the proxy.
You can stop Squid from requesting login details from the browser, but
if the browser does not know to send them you are in an even worse mess
then.
Amos
-- Please be using Current Stable Squid 2.7.STABLE7 or 3.0.STABLE24 Current Beta Squid 3.1.0.16Received on Tue Feb 23 2010 - 08:25:00 MST
This archive was generated by hypermail 2.2.0 : Tue Feb 23 2010 - 12:00:06 MST