Solved

External Proxy NTLM automatic login

Posted on 2011-02-22
16
1,583 Views
Last Modified: 2013-12-08
Hi there,

we have external Proxy on Port :8080.
Everytime Internet Explorer or other Browser is opened Logon message popup.

Especially for Terminal Server User it is anoying.

Is it possible to do automatically login by asp / vbs or java script on browser start ?

Of course we can do one time login and save the login credential, but when temporally accounts are applied the login is required again.

THANKS
Stefan
0
Comment
Question by:darkangel1969
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 7
16 Comments
 
LVL 4

Accepted Solution

by:
fr0nk earned 125 total points
ID: 34950508
Can you configure the proxy to authenticate the computeraccount, regardless which user uses it?
0
 
LVL 78

Expert Comment

by:arnold
ID: 34951761
You could use NTLM, the problem is how you will have have the list of users on the external system?
You could prompt the user on first access and store the response with an expiration  time frame.
0
 

Author Comment

by:darkangel1969
ID: 34952594
I can create a user to login but I dont want to create all users in the company with password policies and changing password every 90 days. This must changed in the external proxy account also.

I like to use one account like user name : internet /  password : internet.

I cant create empty account or username with no password.

For the access it is "only" the login once but for some it is to much. Before it wasnt neccessary and now they wont accept it like this with login.
0
How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

 
LVL 78

Expert Comment

by:arnold
ID: 34952870
Setup a local proxy that will chain to the external proxy and the local will provide the credentials to the external.

An old workstation can easily be setup as a squid proxy.  
0
 

Author Comment

by:darkangel1969
ID: 34953649
Hmm, right now we have AVM ken on one server which should be switched off cause its old and not reliable.
We was looking for a solution without internal proxy but it seems like there is no way to avoid this ...

 ... or anyone have idea maybe to place internet explorer start page with java or vb script to do login to external proxy ?!

Is Squid based on Linux ? May it have antivirus gateway and / or logging ?
0
 
LVL 78

Expert Comment

by:arnold
ID: 34954949
Yes. Linux or you can set it up on windows. Adding additional feature is possible.
0
 

Author Comment

by:darkangel1969
ID: 35398371
Hi,

anyone can give me a hint for configuration on squid parent proxy authentication ?

The parent is also a squid proxy in datacenter of our internet provider.

Thx
   stefan
0
 
LVL 78

Expert Comment

by:arnold
ID: 35400339
Could you explain what you are asking?
Are you asking on how to setup authentication within squid?
0
 

Author Comment

by:darkangel1969
ID: 35402782
I set up squid proxy in our office. Our Internet provider also use squid proxy but need authentication. My question is, how to do NTLM auth to the parent proxy from my squid.

thx
0
 
LVL 78

Assisted Solution

by:arnold
arnold earned 375 total points
ID: 35405409
Your NTLM is with your local users.  There is a peer definition within squid which is where you would define that your squid should connect to the upstream peer and provide the credentials to talk to it.

User <=> NTLM authentication to <=> your squid <= peer authentication => upstream squid.
0
 

Author Comment

by:darkangel1969
ID: 35413691
Does anyone have an example configuration file for squid and parent proxy authentication ?!

Stefan
0
 
LVL 78

Assisted Solution

by:arnold
arnold earned 375 total points
ID: 35413728
0
 

Author Comment

by:darkangel1969
ID: 35465311
It is squid for Windows 2.7 stable.

In which cases I use NTLM and / or basic and protocol_helper ?
Anyone can give example line for squid.conf ?

Any addional software is needed ?

thx
   stefan
0
 
LVL 78

Assisted Solution

by:arnold
arnold earned 375 total points
ID: 35466210
cache_peer <ip/hostname of upstream proxy> parent <peer proxy port> <icp port (3130 default for squid)> [proxy-only login=user:password]

Add the above line to your configuration.

There is no need for additional software.
0
 

Author Closing Comment

by:darkangel1969
ID: 35829377
The solution proposal doesnt solve the real problem.
0

Featured Post

MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface There are many applications where some computing systems need have their system clocks running synchronized within a small margin and eventually need to be in sync with the global time. There are different solutions for this, i.e. the W3…
Ever notice how you can't use a new drive in Windows without having Windows assigning a Disk Signature?  Ever have a signature collision problem (especially with Virtual Machines?)  This article is intended to help you understand what's going on and…
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question