[clug] NTLM proxy authentication - it's working, it's not

Chris Smart chris at kororaa.org
Tue Jul 1 12:28:49 GMT 2008


On Tue, 2008-07-01 at 10:50 +1000, Paul Wayper wrote:
> Hi all,
> 
> I've just started work at a new company and their Squid
> proxy is set up to do NTLM authentication.  

Firstly, congratulations on the job and secondly condolences on the
authentication method.

So their squid proxy is set up to do NTLM authentication, you are not
authenticating to a Windows PDC?

Years ago I think I set up squid to authenticate to active directory but
I've blotted most Windows things out of my memory.

On a Windows domain it works like Mike mentioned. All you need to do is
download ntlmaps, edit the server.cfg and run 'sudo python main.py'.

You tell the server.cfg what local port to run on, what server you are
authenticating to, your domain (if needed), username and password, i.e.

LISTEN_PORT: 5865
PARENT_PROXY: server_ip
PARENT_PROXY_PORT: server_port
NT_DOMAIN: your_Windows_domain
USER: your_username
PASSWORD: your_nt_password

Run ntlmaps.

Then, once ntlmaps is running, you set your local system to use proxy
'http://localhost:5865' (at least that's the default port).

If you're just authenticating to Squid, then I'm guessing that you
shouldn't need to set a Windows domain, but then again, you might.

But yes, it does work, sometimes flakely, but I put that down to
Windows.

-c



More information about the linux mailing list