Welcome, Guest. Please login or register.
Did you miss your activation email?
Sunday 01 December 2024, 04:43:36 am

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  HTTP Proxy/Windows AD Authentication/User Logging
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: HTTP Proxy/Windows AD Authentication/User Logging  (Read 15831 times)
llysty
Full Member
***
Offline Offline

Posts: 10


« on: Tuesday 16 November 2010, 11:17:29 pm »

Hello!

Finally got my efw live on my network and have everything thing pretty much working just so. My sole issue isn't a big problem but would be nice to sort so that we can have user tracking of internet use (my logs are showing IP address but no username).

I have successfully managed to join efw to the domain and on the face of it, it looks OK - when I define the policy, I can see the AD groups etc. However, when I activate the profile it either achieves nothing or the user's see a login box that when tried with the AD username/password, the authentication fails so access is denied.

Many years ago when we tried endian last, I had the authentication working great - we're aiming to get a completely transparant process going where activity is logged against the logged in AD user but without the need to input passwords (my only problem last time was with defining groups as efw couldn't cope with our AD structure on a SBS server).

The odd thing I have noticed in the proxy logs is that the clients are seeming to attempt to authenticate with their ad username as every client session enter this into the proxy log:

//.../adpb/registration?username=*user*&domain=...

We are using SBS2003 server and a mixture of clients from Win XP to Windows 7.

Any idea's?

Many thanks

Andy
Logged
llysty
Full Member
***
Offline Offline

Posts: 10


« Reply #1 on: Tuesday 16 November 2010, 11:37:29 pm »

Doing a bit more investigation, I've picked up that the issue may be related to IE as it works on early versions and also Firefox. I'm going to download Firefox to see but does anyone have any IE 8/9 configuration tips?
Logged
llysty
Full Member
***
Offline Offline

Posts: 10


« Reply #2 on: Wednesday 17 November 2010, 01:39:48 am »

Okay - this isn't a browser issue. Have tried LDAP authentication to AD also but the same issue arises. Essentially, clients are not successfully authenticating  Huh
Logged
ehermouet
Full Member
***
Offline Offline

Posts: 21


« Reply #3 on: Wednesday 17 November 2010, 09:40:43 pm »

hi all,

i think i have the same problem. i have 3 endian in my network. 2 of them are on 2.3, and proxy work with authentication from active directory server. when user open IE or mozilla they don't ask username or password it's auto, on the last version, 2.4 my user must xrite username and password and it's work not first time but the second or third time.

if anybody can help me.

tks advance
Logged
llysty
Full Member
***
Offline Offline

Posts: 10


« Reply #4 on: Wednesday 01 December 2010, 09:12:25 pm »

OK - I've fixed my problem!

The issue is related to the outgoing firewall rule allowing port 80 (installed by default). This needs to be disabled/removed to allow the authentication on the proxy to work. Http proxy must also not be set to transparent.

Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.094 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com