Squid3 + SquidGuard + AD
-
Please your help … I have achieved my pfsense is integrated into Active Directory, but when the user enters the Internet Explorer window will pop up authentication .
Is there any way that all authentication is transparent, in other words , I am currently filtering Users and Groups in my pfsense but always Authentication window appears, but I need to filter authentication window that users not appear.
Can someone help me with this question please!
Thank you so much.
-
I'm not sure why hooked in AD integration if you don't want them to authenticate against AD…
If you don't want auth then just remove it and manage the connections via Allowed Subnets, for example.
-
No, NTLM does not work… never did and very likely never will; noone's going to install Samba on a firewall.
-
You'd be best off using a separate Squid/Dansguardian server running internally than using the PFS for your proxy. That way you can incorporate AD into the proxy's authentication service and your popups will no longer be a problem.
http://www.petespcs.co.uk/2011/10/dans-guardian-and-ntlm-from-active-directory/
