+ Post New Thread
Results 1 to 8 of 8
Mac Thread, Smoothwall - Mac's NTLM Authentication in Technical; With the terrific help I received earlier regarding Mac's - Thought that I would try to solve a couple of ...
  1. #1
    linkazoid's Avatar
    Join Date
    May 2007
    Location
    London
    Posts
    642
    Thank Post
    118
    Thanked 89 Times in 73 Posts
    Rep Power
    78

    Smoothwall - Mac's NTLM Authentication

    With the terrific help I received earlier regarding Mac's - Thought that I would try to solve a couple of problems/irritations

    We only allow staff to access the internet on our Macs as students dont need internet access in their music lessons. Our registers are on E1 so they are all web based.

    Our smoothwall is using NTLM Authentication and has to stay as this for various reasons....

    We have the smoothwall proxy settings applied to the staff preferences in Workgroup Manager and have the relevant exceptions also added. But they are still requested to input their credentials frequently when browsing using safari. I have installed Firefox and changed 'network.automatic-ntlm-auth.trusted-uris' but they are still requested.

    Is NTLM Authentication still broken in safari on 10.5.6 and 5.7?
    Has anyone else got it working? either with safari or Firefox..

    Cheers again........

    Michael

  2. #2


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,461
    Thank Post
    866
    Thanked 845 Times in 667 Posts
    Rep Power
    195
    Unfortunately, on non-windows platforms, you will still be asked to input your credentials when using NTLM. This is a limitation we can't avoid.

    Sometimes, it happens a bit more often than it should, though - this is being worked on, and as soon as we find a way to improve it, we'll let you (and the rest of our customers) know.

    Sometime soon we will, I hope, be adding the ability to choose your auth method based on your OS, IP or UserAgent (quite which, we have yet to work out).

    If you could drop me an email outlining your situation, I will make sure it is read in the relevant dev meetings.

  3. #3


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Quote Originally Posted by tom_newton View Post
    Unfortunately, on non-windows platforms, you will still be asked to input your credentials when using NTLM. This is a limitation we can't avoid.
    I found when using firefox/linux I need to put in domain\username - so that smoothwall authenticated to AD. Is there any way we can remove the domain part, ie get smoothwall to assume a default domain? without redirecting everyone to a webpage.

  4. #4
    linkazoid's Avatar
    Join Date
    May 2007
    Location
    London
    Posts
    642
    Thank Post
    118
    Thanked 89 Times in 73 Posts
    Rep Power
    78
    Quote Originally Posted by CyberNerd View Post
    I found when using firefox/linux I need to put in domain\username - so that smoothwall authenticated to AD. Is there any way we can remove the domain part, ie get smoothwall to assume a default domain? without redirecting everyone to a webpage.
    This is also how we are currently doing it... I would also love for them to be only to have to put their username in... but still having NTLM Authentication.

    Michael

  5. #5


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,461
    Thank Post
    866
    Thanked 845 Times in 667 Posts
    Rep Power
    195
    Hm. Sounds like a good idea on paper, I will see what I can get out of the devs

  6. #6
    diggory's Avatar
    Join Date
    Sep 2008
    Location
    Bristol
    Posts
    85
    Thank Post
    36
    Thanked 11 Times in 10 Posts
    Rep Power
    13

    2nd box?

    Another way round is to run smoothwall on a second box for the macs?
    Then you can use IDENT instead of NTLM for the macs and stick with NTLM for the PCees.

    It *might* be possible to replicate some of the settings between the boxes - although I haven't managed this too well.

  7. #7

    Join Date
    May 2006
    Location
    West Bromwich
    Posts
    2,190
    Thank Post
    299
    Thanked 215 Times in 185 Posts
    Rep Power
    56
    I used to use NTLM authentication for the Macs but for some unknown reason the sites were broken each time. I have since started to use identd. This seems to work better than NTLM authentication and is also transparent to the user. I would recommend this method over NTLM personally. You can also use ident on the XP side as well.

    This is the way i am going. With the mac side you can send the credentials of the current aqua user and also specify a user by default in the system prefs tab that is installed with the identd software. I have been trialing an application that hasn't been updated for a while on OS X 10.5.6 and seems to work OK.

    http://www.macmax.org/rubrique.php3?id_rubrique=21

    Not rolled it out completely yet though so at your own risk for the moment.
    Last edited by HodgeHi; 20th May 2009 at 09:44 AM. Reason: adding URL

  8. #8


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,461
    Thank Post
    866
    Thanked 845 Times in 667 Posts
    Rep Power
    195
    Yes, you can use 2 boxes no problem - just ring your account manager and let them know, and they'll letcha replicate the licence across 2 machines.

    Replication will allow you to pull settings across between each Guardian ok.

SHARE:
+ Post New Thread

Similar Threads

  1. Moodle & NTLM Authentication
    By alan-d in forum Virtual Learning Platforms
    Replies: 12
    Last Post: 15th December 2009, 02:19 PM
  2. Updating Mac's via Xserve
    By theeldergeek in forum Mac
    Replies: 6
    Last Post: 11th May 2009, 12:19 PM
  3. New To Mac's
    By SSFC in forum Mac
    Replies: 8
    Last Post: 10th January 2008, 03:27 PM
  4. Replies: 6
    Last Post: 27th February 2007, 08:00 PM
  5. MRBS + NTLM Authentication
    By Frazer in forum *nix
    Replies: 13
    Last Post: 29th June 2006, 02:00 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •