Mac Thread, Smoothwall - Mac's NTLM Authentication in Technical; With the terrific help I received earlier regarding Mac's - Thought that I would try to solve a couple of ...
19th May 2009, 08:43 PM #1
Smoothwall - Mac's NTLM Authentication
With the terrific help I received earlier regarding Mac's - Thought that I would try to solve a couple of problems/irritations
We only allow staff to access the internet on our Macs as students dont need internet access in their music lessons. Our registers are on E1 so they are all web based.
Our smoothwall is using NTLM Authentication and has to stay as this for various reasons....
We have the smoothwall proxy settings applied to the staff preferences in Workgroup Manager and have the relevant exceptions also added. But they are still requested to input their credentials frequently when browsing using safari. I have installed Firefox and changed 'network.automatic-ntlm-auth.trusted-uris' but they are still requested.
Is NTLM Authentication still broken in safari on 10.5.6 and 5.7?
Has anyone else got it working? either with safari or Firefox..
20th May 2009, 08:04 AM #2
Unfortunately, on non-windows platforms, you will still be asked to input your credentials when using NTLM. This is a limitation we can't avoid.
Sometimes, it happens a bit more often than it should, though - this is being worked on, and as soon as we find a way to improve it, we'll let you (and the rest of our customers) know.
Sometime soon we will, I hope, be adding the ability to choose your auth method based on your OS, IP or UserAgent (quite which, we have yet to work out).
If you could drop me an email outlining your situation, I will make sure it is read in the relevant dev meetings.
20th May 2009, 08:28 AM #3
I found when using firefox/linux I need to put in domain\username - so that smoothwall authenticated to AD. Is there any way we can remove the domain part, ie get smoothwall to assume a default domain? without redirecting everyone to a webpage.
Originally Posted by tom_newton
20th May 2009, 08:32 AM #4
This is also how we are currently doing it... I would also love for them to be only to have to put their username in... but still having NTLM Authentication.
Originally Posted by CyberNerd
20th May 2009, 08:42 AM #5
Hm. Sounds like a good idea on paper, I will see what I can get out of the devs
20th May 2009, 09:31 AM #6
- Rep Power
Another way round is to run smoothwall on a second box for the macs?
Then you can use IDENT instead of NTLM for the macs and stick with NTLM for the PCees.
It *might* be possible to replicate some of the settings between the boxes - although I haven't managed this too well.
20th May 2009, 09:43 AM #7
I used to use NTLM authentication for the Macs but for some unknown reason the sites were broken each time. I have since started to use identd. This seems to work better than NTLM authentication and is also transparent to the user. I would recommend this method over NTLM personally. You can also use ident on the XP side as well.
This is the way i am going. With the mac side you can send the credentials of the current aqua user and also specify a user by default in the system prefs tab that is installed with the identd software. I have been trialing an application that hasn't been updated for a while on OS X 10.5.6 and seems to work OK.
Not rolled it out completely yet though so at your own risk for the moment.
Last edited by HodgeHi; 20th May 2009 at 09:44 AM.
Reason: adding URL
20th May 2009, 09:54 AM #8
Yes, you can use 2 boxes no problem - just ring your account manager and let them know, and they'll letcha replicate the licence across 2 machines.
Replication will allow you to pull settings across between each Guardian ok.
By alan-d in forum Virtual Learning Platforms
Last Post: 15th December 2009, 02:19 PM
By theeldergeek in forum Mac
Last Post: 11th May 2009, 12:19 PM
Last Post: 10th January 2008, 03:27 PM
By pooley in forum Windows
Last Post: 27th February 2007, 08:00 PM
Last Post: 29th June 2006, 02:00 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)