Solved

External Proxy NTLM automatic login

Posted on 2011-02-22
16
1,578 Views
Last Modified: 2013-12-08
Hi there,

we have external Proxy on Port :8080.
Everytime Internet Explorer or other Browser is opened Logon message popup.

Especially for Terminal Server User it is anoying.

Is it possible to do automatically login by asp / vbs or java script on browser start ?

Of course we can do one time login and save the login credential, but when temporally accounts are applied the login is required again.

THANKS
Stefan
0
Comment
Question by:darkangel1969
  • 7
  • 7
16 Comments
 
LVL 4

Accepted Solution

by:
fr0nk earned 125 total points
ID: 34950508
Can you configure the proxy to authenticate the computeraccount, regardless which user uses it?
0
 
LVL 77

Expert Comment

by:arnold
ID: 34951761
You could use NTLM, the problem is how you will have have the list of users on the external system?
You could prompt the user on first access and store the response with an expiration  time frame.
0
 

Author Comment

by:darkangel1969
ID: 34952594
I can create a user to login but I dont want to create all users in the company with password policies and changing password every 90 days. This must changed in the external proxy account also.

I like to use one account like user name : internet /  password : internet.

I cant create empty account or username with no password.

For the access it is "only" the login once but for some it is to much. Before it wasnt neccessary and now they wont accept it like this with login.
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 77

Expert Comment

by:arnold
ID: 34952870
Setup a local proxy that will chain to the external proxy and the local will provide the credentials to the external.

An old workstation can easily be setup as a squid proxy.  
0
 

Author Comment

by:darkangel1969
ID: 34953649
Hmm, right now we have AVM ken on one server which should be switched off cause its old and not reliable.
We was looking for a solution without internal proxy but it seems like there is no way to avoid this ...

 ... or anyone have idea maybe to place internet explorer start page with java or vb script to do login to external proxy ?!

Is Squid based on Linux ? May it have antivirus gateway and / or logging ?
0
 
LVL 77

Expert Comment

by:arnold
ID: 34954949
Yes. Linux or you can set it up on windows. Adding additional feature is possible.
0
 

Author Comment

by:darkangel1969
ID: 35398371
Hi,

anyone can give me a hint for configuration on squid parent proxy authentication ?

The parent is also a squid proxy in datacenter of our internet provider.

Thx
   stefan
0
 
LVL 77

Expert Comment

by:arnold
ID: 35400339
Could you explain what you are asking?
Are you asking on how to setup authentication within squid?
0
 

Author Comment

by:darkangel1969
ID: 35402782
I set up squid proxy in our office. Our Internet provider also use squid proxy but need authentication. My question is, how to do NTLM auth to the parent proxy from my squid.

thx
0
 
LVL 77

Assisted Solution

by:arnold
arnold earned 375 total points
ID: 35405409
Your NTLM is with your local users.  There is a peer definition within squid which is where you would define that your squid should connect to the upstream peer and provide the credentials to talk to it.

User <=> NTLM authentication to <=> your squid <= peer authentication => upstream squid.
0
 

Author Comment

by:darkangel1969
ID: 35413691
Does anyone have an example configuration file for squid and parent proxy authentication ?!

Stefan
0
 
LVL 77

Assisted Solution

by:arnold
arnold earned 375 total points
ID: 35413728
0
 

Author Comment

by:darkangel1969
ID: 35465311
It is squid for Windows 2.7 stable.

In which cases I use NTLM and / or basic and protocol_helper ?
Anyone can give example line for squid.conf ?

Any addional software is needed ?

thx
   stefan
0
 
LVL 77

Assisted Solution

by:arnold
arnold earned 375 total points
ID: 35466210
cache_peer <ip/hostname of upstream proxy> parent <peer proxy port> <icp port (3130 default for squid)> [proxy-only login=user:password]

Add the above line to your configuration.

There is no need for additional software.
0
 

Author Closing Comment

by:darkangel1969
ID: 35829377
The solution proposal doesnt solve the real problem.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Chrome SSRS print Functionality 1 59
disclaimer when opening internet 2 48
remove all history 3 35
Google map my location not working in chrome 3 39
INTRODUCTION The purpose of this document is to demonstrate the Installation and configuration of the Data Protection Manager product. Note that this demonstration was prepared on the basis of Windows OS is 2008 R2 and DPM 2010. DATA PROTECTI…
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question