The squid has been compiled with the kerberos support and samba 3
(latest version) is used as an external authenticator. You can find in
this link a configuration similar to myne (this link if for gentoo, but
I hope that you will not have problem to compile or configure it. If you
got one, just write me directly): http://mkeadle.org/?p=13
For your test you can also use your isa server, but the domain in NTLM packets must be set.
The faster way that I have identified to resolve this problem is modify the code of the function ntlm_phase_3 adding a search of "\" in the username and if exist set the first part of the username to domain and the second part as the username. In this way you will not have to modify the proxy data structure and also you will fix the problem under a authenticator with multiple domains.
For the first problem exposed the faster way if just add a connection keep alive, the second it's add to the proxy routines to undestand if the connection has been closed and in this case open a newone.
Thank you for the faster reply.
William Preston wrote:
On Tuesday 28 March 2006 16:49, inode wrote:I'm doing some test with openvpn, and I saw some problem using NTLM auth proxy.