Re: [squid-users] RE: Squid NTLM - Dont want users to have to enter domain

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Thu, 18 Aug 2011 23:48:07 +1200

On 18/08/11 21:52, Almighty wrote:
> Hi,
>
> Transparent NTLM authentication works great on our site and running on 5
> proxy servers.
>
> However we are having an increasing number of clients who are not on the
> domain (E.g. Mac labs).
> Is there any way that these non-AD end users could get prompted for just
> their "username& password" instead of "DOMAIN\username& password".
>
> Many thanks in advance,
>

Well, considering that NTLM is a protocol which operates by
authenticating that users are members of a domain. How do you expect
that would work?

IIRC the Samba ntlm_auth provides "--domain=DOMAIN" option to force
verification of all users against a certain domain (enabling no domain
on the popup). It is up to the client software to obtain the right
security tokens that domains DC will accept. Squid cannot do anything
about that.

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.14
   Beta testers wanted for 3.2.0.10
Received on Thu Aug 18 2011 - 11:48:13 MDT

This archive was generated by hypermail 2.2.0 : Thu Aug 18 2011 - 12:00:04 MDT