|
»
»
Windows Authentication Problems
|
View:
New views
7 Messages
—
Rating Filter:
Alert me
|
 |
Windows Authentication Problems
by Guilherme Rocha-2
::
Rate this Message:
Hello folks,
I'm a very satisfied endian user, since the first versions, so I'm not exactly a endian and linux newbie, but.... ... I'm with problems in a new Endian 2.2rc2 set-up, using Windows authentication. I already joined the domain successfully, all AD groups are listed inside Endian Group Policies, I choose the groups that have permissions to navigate the web, etc... My issue makes reference to the "need" to specify the proxy in the browser settings. I only can use AD authentication if I set the proxy inside the browsers. If I didn't set it, users still browsing the web like in "transparent" mode. Can someone find a motivation to this behavior? I already did read all this references: http://kb.endian.com/entry/49/ http://efwsupport.com/index.php?topic=547.msg1396;topicseen http://solaria.endian.it/screencasts/advanced_groups.html http://www.advproxy.net/ldapads.html thanks for answers. hugs -- -- Guilherme Rocha GF7 Doc & Systems - Soluções Tecnológicas Pesquisa e Desenvolvimento - World Wide R. João Goulart, 170 - Rio Pardo - RS - CEP 96640-000 Mobile: +55 51 81400360 - Home Page: http://www.gf7.com.br ------------------------------------------------------------------------------ Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge _______________________________________________ Efw-user mailing list Efw-user@... https://lists.sourceforge.net/lists/listinfo/efw-user |
|
|
Re: Windows Authentication Problems
by Sam Osborne
::
Rate this Message:
May be obvious but port 80 outgoing blocked?
On 16/07/2009, at 10:28 PM, Guilherme Rocha wrote: > Hello folks, > > > > I'm a very satisfied endian user, since the first versions, so I'm not > exactly a endian and linux newbie, but.... > > ... I'm with problems in a new Endian 2.2rc2 set-up, using Windows > authentication. > > I already joined the domain successfully, all AD groups are listed > inside Endian Group Policies, I choose the groups that have > permissions to navigate the web, etc... > > > My issue makes reference to the "need" to specify the proxy in the > browser settings. > I only can use AD authentication if I set the proxy inside the > browsers. > If I didn't set it, users still browsing the web like in > "transparent" mode. > > Can someone find a motivation to this behavior? > > > I already did read all this references: > > http://kb.endian.com/entry/49/ > http://efwsupport.com/index.php?topic=547.msg1396;topicseen > http://solaria.endian.it/screencasts/advanced_groups.html > http://www.advproxy.net/ldapads.html > > > thanks for answers. > > > hugs > > -- > -- > Guilherme Rocha > GF7 Doc & Systems - Soluções Tecnológicas > Pesquisa e Desenvolvimento - World Wide > R. João Goulart, 170 - Rio Pardo - RS - CEP 96640-000 > Mobile: +55 51 81400360 - Home Page: http://www.gf7.com.br > > ------------------------------------------------------------------------------ > Enter the BlackBerry Developer Challenge > This is your chance to win up to $100,000 in prizes! For a limited > time, > vendors submitting new applications to BlackBerry App World(TM) will > have > the opportunity to enter the BlackBerry Developer Challenge. See > full prize > details at: http://p.sf.net/sfu/Challenge > _______________________________________________ > Efw-user mailing list > Efw-user@... > https://lists.sourceforge.net/lists/listinfo/efw-user ------------------------------------------------------------------------------ Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge _______________________________________________ Efw-user mailing list Efw-user@... https://lists.sourceforge.net/lists/listinfo/efw-user |
|
|
Re: Windows Authentication Problems
by Guilherme Rocha
::
Rate this Message:
Hi Sam,
thanks for your quick reply. Yes, port 80 is opened. In fact, outgoing firewall is disabled. hug, 2009/7/16 Sam Osborne <osborne.sam@...>: > May be obvious but port 80 outgoing blocked? > > On 16/07/2009, at 10:28 PM, Guilherme Rocha wrote: > >> Hello folks, >> >> >> >> I'm a very satisfied endian user, since the first versions, so I'm not >> exactly a endian and linux newbie, but.... >> >> ... I'm with problems in a new Endian 2.2rc2 set-up, using Windows >> authentication. >> >> I already joined the domain successfully, all AD groups are listed >> inside Endian Group Policies, I choose the groups that have >> permissions to navigate the web, etc... >> >> >> My issue makes reference to the "need" to specify the proxy in the >> browser settings. >> I only can use AD authentication if I set the proxy inside the >> browsers. >> If I didn't set it, users still browsing the web like in >> "transparent" mode. >> >> Can someone find a motivation to this behavior? >> >> >> I already did read all this references: >> >> http://kb.endian.com/entry/49/ >> http://efwsupport.com/index.php?topic=547.msg1396;topicseen >> http://solaria.endian.it/screencasts/advanced_groups.html >> http://www.advproxy.net/ldapads.html >> >> >> thanks for answers. >> >> >> hugs >> >> -- >> -- >> Guilherme Rocha >> GF7 Doc & Systems - Soluções Tecnológicas >> Pesquisa e Desenvolvimento - World Wide >> R. João Goulart, 170 - Rio Pardo - RS - CEP 96640-000 >> Mobile: +55 51 81400360 - Home Page: http://www.gf7.com.br >> >> ------------------------------------------------------------------------------ >> Enter the BlackBerry Developer Challenge >> This is your chance to win up to $100,000 in prizes! For a limited >> time, >> vendors submitting new applications to BlackBerry App World(TM) will >> have >> the opportunity to enter the BlackBerry Developer Challenge. See >> full prize >> details at: http://p.sf.net/sfu/Challenge >> _______________________________________________ >> Efw-user mailing list >> Efw-user@... >> https://lists.sourceforge.net/lists/listinfo/efw-user > > > ------------------------------------------------------------------------------ > Enter the BlackBerry Developer Challenge > This is your chance to win up to $100,000 in prizes! For a limited time, > vendors submitting new applications to BlackBerry App World(TM) will have > the opportunity to enter the BlackBerry Developer Challenge. See full prize > details at: http://p.sf.net/sfu/Challenge > _______________________________________________ > Efw-user mailing list > Efw-user@... > https://lists.sourceforge.net/lists/listinfo/efw-user > -- -- Guilherme Rocha GF7 Doc & Systems - Soluções Tecnológicas Pesquisa e Desenvolvimento - World Wide R. João Goulart, 170 - Rio Pardo - RS - CEP 96640-000 Mobile: +55 51 81400360 - Home Page: http://www.gf7.com.br ------------------------------------------------------------------------------ Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge _______________________________________________ Efw-user mailing list Efw-user@... https://lists.sourceforge.net/lists/listinfo/efw-user |
|
|
Re: Windows Authentication Problems
by davvidde
::
Rate this Message:
If you don't set proxy settings in browser you go through Endian
directly if port 80 is open to the outgoing traffic. You also avoid this by removing default gateway from client, so traffic can go to Internet only if proxy settings are in place. Guilherme Rocha ha scritto: > Hello folks, > > > > I'm a very satisfied endian user, since the first versions, so I'm not > exactly a endian and linux newbie, but.... > > ... I'm with problems in a new Endian 2.2rc2 set-up, using Windows > authentication. > > I already joined the domain successfully, all AD groups are listed > inside Endian Group Policies, I choose the groups that have > permissions to navigate the web, etc... > > > My issue makes reference to the "need" to specify the proxy in the > browser settings. > I only can use AD authentication if I set the proxy inside the browsers. > If I didn't set it, users still browsing the web like in "transparent" mode. > > Can someone find a motivation to this behavior? > > > I already did read all this references: > > http://kb.endian.com/entry/49/ > http://efwsupport.com/index.php?topic=547.msg1396;topicseen > http://solaria.endian.it/screencasts/advanced_groups.html > http://www.advproxy.net/ldapads.html > > > thanks for answers. > > > hugs > ------------------------------------------------------------------------------ Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge _______________________________________________ Efw-user mailing list Efw-user@... https://lists.sourceforge.net/lists/listinfo/efw-user |
|
|
Re: Windows Authentication Problems
by csalinardi
::
Rate this Message:
You need to deny all internet access except through the proxy, that's what Sam was trying to say. Remove any outgoing rules allowing port 80/443 access and any other ports you want to block (like FTP).
Thanks, Chris On Thu, Jul 16, 2009 at 8:55 AM, Guilherme Rocha <guilherme.consultor@...> wrote: Hi Sam, ------------------------------------------------------------------------------ Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge _______________________________________________ Efw-user mailing list Efw-user@... https://lists.sourceforge.net/lists/listinfo/efw-user |
|
|
Re: Windows Authentication Problems
by Guilherme Rocha
::
Rate this Message:
Hello Davide and Christopher,
thanks for your answer. I understand you two. My question isn't just block the navigation without set the proxy in browser settings. I would like to use AD authentication without to set the proxy in browser, asking anybody for authentication. Set the proxy in browsers will difficult to administrate notebook's users, that are frequently traveling and using other networks. Is it possible with Endian FW ? All the rest of endian implementation is working fine. hugs -- -- Guilherme Rocha GF7 Doc & Systems - Soluções Tecnológicas Pesquisa e Desenvolvimento - World Wide R. João Goulart, 170 - Rio Pardo - RS - CEP 96640-000 Mobile: +55 51 81400360 - Home Page: http://www.gf7.com.br 2009/7/16 Davide Cottignoli <davidecottignoli@...>: > If you don't set proxy settings in browser you go through Endian > directly if port 80 is open to the outgoing traffic. You also avoid this > by removing default gateway from client, so traffic can go to Internet > only if proxy settings are in place. > > > Guilherme Rocha ha scritto: >> Hello folks, >> >> >> >> I'm a very satisfied endian user, since the first versions, so I'm not >> exactly a endian and linux newbie, but.... >> >> ... I'm with problems in a new Endian 2.2rc2 set-up, using Windows >> authentication. >> >> I already joined the domain successfully, all AD groups are listed >> inside Endian Group Policies, I choose the groups that have >> permissions to navigate the web, etc... >> >> >> My issue makes reference to the "need" to specify the proxy in the >> browser settings. >> I only can use AD authentication if I set the proxy inside the browsers. >> If I didn't set it, users still browsing the web like in "transparent" mode. >> >> Can someone find a motivation to this behavior? >> >> >> I already did read all this references: >> >> http://kb.endian.com/entry/49/ >> http://efwsupport.com/index.php?topic=547.msg1396;topicseen >> http://solaria.endian.it/screencasts/advanced_groups.html >> http://www.advproxy.net/ldapads.html >> >> >> thanks for answers. >> >> >> hugs >> > > > ------------------------------------------------------------------------------ > Enter the BlackBerry Developer Challenge > This is your chance to win up to $100,000 in prizes! For a limited time, > vendors submitting new applications to BlackBerry App World(TM) will have > the opportunity to enter the BlackBerry Developer Challenge. See full prize > details at: http://p.sf.net/sfu/Challenge > _______________________________________________ > Efw-user mailing list > Efw-user@... > https://lists.sourceforge.net/lists/listinfo/efw-user > ------------------------------------------------------------------------------ Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge _______________________________________________ Efw-user mailing list Efw-user@... https://lists.sourceforge.net/lists/listinfo/efw-user |
|
|
Re: Windows Authentication Problems
by davvidde
::
Rate this Message:
Yes, you can put some rules in iptables to redirect incoming packet to
port 80 similar to: iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.1.254:8080 in this case traffic is INTERCEPTED and redirected to the squid proxy but in this case you cannot use authentication to AD. It is better to set a Group policy in AD to set up client with right proxy settings otherwise use the WPAD protocol and leave client proxy configuration to determine automatically proxy settings. Guilherme Rocha ha scritto: > Hello Davide and Christopher, > > > > thanks for your answer. I understand you two. > > My question isn't just block the navigation without set the proxy in > browser settings. > > I would like to use AD authentication without to set the proxy in browser, > asking anybody for authentication. > > Set the proxy in browsers will difficult to administrate notebook's users, that > are frequently traveling and using other networks. > > > Is it possible with Endian FW ? > > > All the rest of endian implementation is working fine. > > > hugs > > ------------------------------------------------------------------------------ Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge _______________________________________________ Efw-user mailing list Efw-user@... https://lists.sourceforge.net/lists/listinfo/efw-user |
| Free embeddable forum powered by Nabble | Forum Help |
