Configuring the client side of NTLM authentication

To configure the client side of NTLM authentication:

1. On the server hosting the Squid service, make sure that the first nameserver parameter in the /etc/resolv.conf file contains the IP address of the DNS server with the Active Directory zone. To do so, execute the command:

   cat /etc/resolv.conf

2. On the Active Directory DNS server, add A- and PTR entries for the server hosting the Squid service.

   To create a PTR entry, you may need to add a reverse zone.

3. Make sure that the Active Directory domain controller is accessible from the server hosting the Squid service. To do so, execute the commands:

   ping <Active Directory domain controller name>

   If the Active Directory domain controller is accessible, you will see a successful exchange of packets.

   telnet <Active Directory domain controller name> 445

   If the Active Directory domain controller is accessible, the connection will be established successfully.

   To close the connection, press Ctrl-], then type quit and press ENTER.

4. Make sure that the server hosting the Squid service is accessible from the Active Directory domain controller. To do so, execute the command:

   ping <name of the server hosting the Squid service>

   If the server hosting the Squid service is accessible, you will see a successful exchange of packets.

5. On enterprise LAN computers, in the browser settings, specify the FQDN address of the server hosting the Squid service as the proxy server.

The client side of NTLM authentication will be configured.

Page top