This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
Installation and Upgrades / Re: how to configure NTLM Authentication for Http Proxy module (Windows AD slave) ?
« on: December 09, 2011, 06:56:31 am »
hi, everyone.
I was solved my problem about NTLM Authentication.
1. Configure the zentyal step by step as following link:
http://trac.zentyal.org/wiki/Documentation/Community/HowTo/ProxyWithNTLM
(please replace all "ebox" of "zentyal").
2. Configure the GPMC in Windows server2008 R2 :
Computer configuration-- policies--windows settings--security settings--local policies:
a. network security: LAN Manager authentication level : send lm & NTLM responses;
b. network security: LDAP cient signing requirements : negotiate signing;
c. network security: Minimum session security security for NTLM SSP based (including secure RPC) clients & servers : Require 128-bit encryption;
d. network security: Restrict NTLM : Audit Incoming NTLM Traffic : Enable auditing for all accounts;
e. network security: Restrict NTLM : Audit NTLM authentication in this domain : Enable all;
f. network security: Restrict NTLM : Incoming NTLM Traffic : Allow all;
g. network security: Restrict NTLM : NTLM authentication in this domain : Disable;
h. network security: Restrict NTLM : Outgoing NTLM traffic to remote servers Allow all.
3. Run GPUPDATE in windows server 2008 R2 and Windows7.
I was solved my problem about NTLM Authentication.
1. Configure the zentyal step by step as following link:
http://trac.zentyal.org/wiki/Documentation/Community/HowTo/ProxyWithNTLM
(please replace all "ebox" of "zentyal").
2. Configure the GPMC in Windows server2008 R2 :
Computer configuration-- policies--windows settings--security settings--local policies:
a. network security: LAN Manager authentication level : send lm & NTLM responses;
b. network security: LDAP cient signing requirements : negotiate signing;
c. network security: Minimum session security security for NTLM SSP based (including secure RPC) clients & servers : Require 128-bit encryption;
d. network security: Restrict NTLM : Audit Incoming NTLM Traffic : Enable auditing for all accounts;
e. network security: Restrict NTLM : Audit NTLM authentication in this domain : Enable all;
f. network security: Restrict NTLM : Incoming NTLM Traffic : Allow all;
g. network security: Restrict NTLM : NTLM authentication in this domain : Disable;
h. network security: Restrict NTLM : Outgoing NTLM traffic to remote servers Allow all.
3. Run GPUPDATE in windows server 2008 R2 and Windows7.
2
Installation and Upgrades / Re: how to configure NTLM Authentication for Http Proxy module (Windows AD slave) ?
« on: November 19, 2011, 04:29:38 pm »It sure be no pop-up, that is what i want.
My DC fullname is RDPtest.test.com.
I was edit the file /usr/share/zentyal/stubs/squid/squid.conf.mas changing the lines:
auth_param basic realm Zentyal HTTP proxy
auth_param basic program /usr/lib/squid/ldap_auth -v 3 -b ou=...
To:
auth_param ntlm program /usr/lib/squid/ntlm_auth -b test.com/RDPtest
auth_param ntlm children 25
#auth_param basic realm Zentyal HTTP proxy
#auth_param basic program /usr/lib/squid/ldap_auth -v 3 -b ou=...
and edit the file /usr/share/zentyal/stubs/squid/dansguardian.conf.mas changing the line:
#authplugin = '/etc/dansguardian/authplugins/proxy-ntlm.conf'
To:
authplugin = '/etc/dansguardian/authplugins/proxy-ntlm.conf'
I don't know what is error in my Zentyal.
3
Installation and Upgrades / NTLM Authentication for Http Proxy module (Windows AD slave) [SOLVED]
« on: November 18, 2011, 10:05:12 am »
Dear all,
I want to setup the NTLM authentication for HTTP proxy module:
When users open the IE and IE not pop-up authentication window, system will be authentication AD account information at backstage, if the AD account was be allowed, then IE will be access internet.
My system status as:
1. Zentyal: 2.2.3 ;
2. Users and Groups: 2.2.4 ;
3. Http Proxy: 2.2.1 ;
4. DC: Windows server 2008 R2
5. Client system : Windows 7 SP1
6. AD Account and Password sync: OK
7. IE proxy access Internet: OK
8. Firewall: any to any.
But,I have a problem now:
When I was configured the NTLM Authentication step by step:
(http://trac.zentyal.org/wiki/Documentation/Community/HowTo/ProxyWithNTLM),
IE not pop-up the Authentication window and it can not access Internet.
How can I fix that?
PS: I apologize for my English, I'm chinese...
I want to setup the NTLM authentication for HTTP proxy module:
When users open the IE and IE not pop-up authentication window, system will be authentication AD account information at backstage, if the AD account was be allowed, then IE will be access internet.
My system status as:
1. Zentyal: 2.2.3 ;
2. Users and Groups: 2.2.4 ;
3. Http Proxy: 2.2.1 ;
4. DC: Windows server 2008 R2
5. Client system : Windows 7 SP1
6. AD Account and Password sync: OK
7. IE proxy access Internet: OK
8. Firewall: any to any.
But,I have a problem now:
When I was configured the NTLM Authentication step by step:
(http://trac.zentyal.org/wiki/Documentation/Community/HowTo/ProxyWithNTLM),
IE not pop-up the Authentication window and it can not access Internet.
How can I fix that?
PS: I apologize for my English, I'm chinese...
Pages: [1]