Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: IPV6 -Set up NTLM proxy with Win Apache 2.4 |
|
| Author |
|
yesh
Joined: 23 Dec 2015
Posts: 1
Location: us
|
 Posted: Thu 24 Dec '15 20:08 Post subject: IPV6 -Set up NTLM proxy with Win Apache 2.4 |
 |
|
Hi
I have a following configuration in my lab to test my softweare
Apache 2.4 used as proxy server. Its under a windows domain and am trying to set up NTLM on this proxy
I am using mod_sspi but I havent got any success so far..I get to a point where client who goes thorough this proxy gets a user name and password prompt but on entering the credentials dialog box keeps coming back and reuesting for the user name and password. On clicking yes for multiple times it will simply show webpage of denied login
Proxy logs .access logs -> shows 407 and 415 errors.
On using wireshark to trace the packets, I see NTLM authentication in use but client fails to response the challenge posted by NTLM.
I am not sure what is wrong with the proxy configuration. I havent installed any ssl certificates yet since its just a pass through proxy. Can someone please help me? I have been debugging it since few weeks now...
Do I need ldap module enabled for NTLM to work ? I have AD and DC in network.
Snippet from httpd.conf
| Code: | #
<IfModule ssl_module>
#Include conf/extra/httpd-ssl.conf
Include conf/extra/httpd-ahssl.conf
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
<IfModule http2_module>
ProtocolsHonorOrder On
Protocols h2 h2c http/1.1
</IfModule>
#<VirtualHost [2001:db8::1:4305]:8080>
ProxyRequests On
ProxyVia On
<Proxy *>
# <Location /authenticate >
AuthName "ipv6.test.domain"
AuthType SSPI
NTLMAuth On
NTLMDomain ipv6.test.domain
NTLMAuthoritative On
<RequireAll>
<RequireAny>
Require valid-user
#require sspi-user EMEA\group_name
</RequireAny>
</RequireAll>
# </Location>
</Proxy>
#</VirtualHost> |
|
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7407
Location: EU, Germany, Next to Hamburg
|
| Posted: Sat 02 Jan '16 22:35 Post subject: |
|
|
| Did you try to use the IPv6 instead of the name? |
|
| Back to top |
|
|
|
|
|
|
