RE: authenticate via NTLM & AD
Heya,
> Also when surfing, you need to use a proxy server which in turn
> requires NTLM authentication but it's the same user/password
> combo from the AD ( it gets the info there).
Ah yes... I had this problem when setting up our squid proxy server to
replace our ISA server.
Some options I can see here:
1) Place the debian box outside the proxy server (would heavily depend on
your network setup)
2) if you have control over the ISA server you should be able to allow
access by IP address for the new debian box. In our experience though,
changing the ISA config was something just a little to the left of
witchcraft (main reason we replaced it with a squid box).
3) Install a proxy server like Jana (http://www.janaserver.de) on a Win box
set it to run under the context of an AD domain account. Install the Win
Proxy firewall client thing that lets you use other protocols (ftp, ssh etc)
through the proxy on the same PC and you should be able to then sneakily use
the jana proxy server through the MS proxy. Its been a while since I did
this so my memory is now a leetle hazy on hwo I got this bit to work.
Then just replace the ISA box with a squid box which will save your company
shed loads of cash and make yourself look good ;-)
HTH,
Mark.
--
This e-mail message may contain confidential or privileged information.
Recipients are requested to preserve this confidentiality and to advise
the sender immediately of any error in transmission.
Any views/opinions expressed in this email are that of the author and
may not reflect the views of Salamis Group - www.salamisgroup.com
Reply to: