Configuring the client side of NTLM authentication
13 December 2023
ID 166845
To configure the client side of NTLM authentication:
- On the server hosting the Squid service, make sure that the first
nameserver
parameter in the /etc/resolv.conf file contains the IP address of the DNS server with the Active Directory zone. To do so, execute the command:cat /etc/resolv.conf
- On the Active Directory DNS server, add A- and PTR entries for the server hosting the Squid service.
To create a PTR entry, you may need to add a reverse zone.
- Make sure that the Active Directory domain controller is accessible from the server hosting the Squid service. To do so, execute the commands:
ping <Active Directory domain controller name>
If the Active Directory domain controller is accessible, you will see a successful exchange of packets.
telnet <Active Directory domain controller name> 445
If the Active Directory domain controller is accessible, the connection will be established successfully.
To close the connection, press Ctrl-], then type
quit
and press ENTER. - Make sure that the server hosting the Squid service is accessible from the Active Directory domain controller. To do so, execute the command:
ping <name of the server hosting the Squid service>
If the server hosting the Squid service is accessible, you will see a successful exchange of packets.
- On enterprise LAN computers, in the browser settings, specify the FQDN address of the server hosting the Squid service as the proxy server.
The client side of NTLM authentication will be configured.