Re: Cisco & NTLM (fwd)

From: Lincoln Dale <ltd@dont-contact.us>
Date: Mon, 18 Mar 2002 15:27:15 -0800

with Internet Explorer, a cache can use a 407 response with an
"Proxy-Authenticate: NTLM".

IE will use then use the user's credentials for the first (transparent)
authentication attempt. only if it fails does it pop up a dialog box.

cheers,

lincoln.

At 04:31 PM 18/03/2002 -0700, Duane Wessels wrote:
>any NT gurus want to answer this?
>
>
>---------- Forwarded message ----------
>Date: Mon, 18 Mar 2002 14:06:41 -0600 (CST)
>From: William Devine II <william@smartguys.net>
>Reply-To: isp-caching@isp-caching.com
>To: isp-caching@isp-caching.com
>Subject: Re: Cisco & NTLM
>
>
>I'm curious how they do the transparent part when anytime I've ever setup
>password authentication on squid, it's required me to enter a username &
>password. What method exists to transparently pass a username & password
>to squid via a web browser? Does it check to see if the IP# is
>authenticated on the NT domain or something?
>I've been trying to come up with a way to transparently authenticate based
>on whatever username & password the user logged into their NT domain or
>workgroup as.
>
>Thanks!
>william
>
>On Mon, 18 Mar 2002, Doug Lohf wrote:
>
> > Various caching companies support transparent NTLM authentication. Most
> > require you to put an "agent" on the PDC or BDC. This is generally not a
> > problem. Your concern is that you need a product that supports multiple
> > domains. Also, if you are running NTLM authentication on internal IIS
> > servers. You will need a product that does not "break" the NTLM
> > authentication process.
> >
> > Places to look would be:
> > Network Appliance
> > Inktomi
> > CacheFlow
> > Possibly Cisco with version 4.0.
> > If I missed others, please respond. Details would be nice. (No sales fluff)
> >
> > If these features are supported, it is likely in a very recent version of
> > code.
> >
> > All of the products support WCCPv2. You may be limited in your choice
> of the
> > version of code on the router.
> >
> > It would be nice to hear from the respective companies on their support for
> > NTLM authentication in multiple domains.
> >
> > Doug
> >
> >
> >
> > > From: "Serge" <serge@cefib.com>
> > > Reply-To: isp-caching@isp-caching.com
> > > Date: Mon, 11 Mar 2002 21:03:30 -0000
> > > To: isp-caching@isp-caching.com
> > > Subject: Re: Cisco & NTLM
> > >
> > > sorry I misundertood the question
> > > I was way off
> > > forget my last post
> > >
> > >
> > > ----- Original Message -----
> > > From: "Sheaffer Residence" <illyse@bellsouth.net>
> > > To: <isp-caching@isp-caching.com>
> > > Sent: Saturday, March 09, 2002 4:52 AM
> > > Subject: Cisco & NTLM
> > >
> > >
> > >>
> > >> Can someone help me understand something..... I have NT servers in
> > > multple
> > >> domains but all trusted to a master domain. I want my users on their
> > >> workstations using transparent WCCP v2, to automatically be caching
> while
> > >> having the ability to capture who the users are w/o them having to "sign
> > > on"
> > >> to another screen. Does Cisco have this capability? What if anything
> > > needs
> > >> to be on the PDC/BDCs?
> > >>
> > >> Am I asking to much?
> > >>
> > >>
> > >>
> > >>
> > >> ____________ The ISP-CACHING Discussion List ___________
> > >> To Join: mailto:join-isp-caching@isp-caching.com
> > >> To Remove: mailto:remove-isp-caching@isp-caching.com
> > >> Archives: http://isp-lists.isp-planet.com/isp-caching/archives/
> > >> ---
> > >> [This E-mail scanned for viruses by Declude Virus]
> > >>
> > >>
> > >
> > > ---
> > > [This E-mail scanned for viruses by Declude Virus]
> > >
> > >
> > >
> > >
> > > ____________ The ISP-CACHING Discussion List ___________
> > > To Join: mailto:join-isp-caching@isp-caching.com
> > > To Remove: mailto:remove-isp-caching@isp-caching.com
> > > Archives: http://isp-lists.isp-planet.com/isp-caching/archives/
> > >
> >
> >
> >
> > ____________ The ISP-CACHING Discussion List ___________
> > To Join: mailto:join-isp-caching@isp-caching.com
> > To Remove: mailto:remove-isp-caching@isp-caching.com
> > Archives: http://isp-lists.isp-planet.com/isp-caching/archives/
> >
>
>
>
>____________ The ISP-CACHING Discussion List ___________
>To Join: mailto:join-isp-caching@isp-caching.com
>To Remove: mailto:remove-isp-caching@isp-caching.com
>Archives: http://isp-lists.isp-planet.com/isp-caching/archives/
Received on Mon Mar 18 2002 - 16:36:58 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:14:52 MST