LDP
/
old-www
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
old-www/HOWTO/Web-Browsing-Behind-ISA-Ser...

124 lines
4.3 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
<TITLE>Web Browsing Behind ISA Server HOWTO: Method #2 - NTLM Authorization Proxy Server</TITLE>
<LINK HREF="Web-Browsing-Behind-ISA-Server-HOWTO-5.html" REL=next>
<LINK HREF="Web-Browsing-Behind-ISA-Server-HOWTO-3.html" REL=previous>
<LINK HREF="Web-Browsing-Behind-ISA-Server-HOWTO.html#toc4" REL=contents>
</HEAD>
<BODY>
<A HREF="Web-Browsing-Behind-ISA-Server-HOWTO-5.html">Next</A>
<A HREF="Web-Browsing-Behind-ISA-Server-HOWTO-3.html">Previous</A>
<A HREF="Web-Browsing-Behind-ISA-Server-HOWTO.html#toc4">Contents</A>
<HR>
<H2><A NAME="s4">4. Method #2 - NTLM Authorization Proxy Server</A></H2>
<P>NTLM Authorization Proxy Server is proxy server-like software that just provides NTLM
authentication in between your browser and ISA Server, and makes the server believe
it's talking to Internet Explorer. It does this by adding NTLM authorization strings to the
request headers. It is written in the Python language by Dmitry Rozmanov [nice work
dude!]. See
<A HREF="http://www.python.org">www.python.org</A>.
Most linux distributions come bundled with a Python interpreter.
<P>
<H2><A NAME="ss4.1">4.1 Getting NTLMAPS</A>
</H2>
<P>The NTLMAPS project home page is located at
<A HREF="http://ntlmaps.sourceforge.net/">http://ntlmaps.sourceforge.net/</A>.
You can directly go to the download page at
<A HREF="http://sourceforge.net/project/showfiles.php?group_id=69259">http://sourceforge.net/project/showfiles.php?group_id=69259</A>. The recent version at the time of writing this document is 0.9.8.
<H2><A NAME="ss4.2">4.2 Installing NTLMAPS</A>
</H2>
<P>Once you have downloaded NTLMAPS, you can extract it into the directory of your choice:
<P>
<HR>
<PRE>
tar xzvf apsxxx.tar.gz
cd apsxxx
where 'xxx' is the version number.
</PRE>
<HR>
<H2><A NAME="ss4.3">4.3 Quick Configuration</A>
</H2>
<P>Load up server.cfg in your favorite editor. Locate the lines:
<P>
<HR>
<PRE>
LISTEN_PORT:5865
# If you want APS to authenticate you at WWW servers using NTLM then just leave this
# value blank like PARENT_PROXY: and APS will connect to web servers directly.
# And NOTE that NTLM cannot pass through another proxy server.
PARENT_PROXY:your_parentproxy
PARENT_PROXY_PORT:8080
</PRE>
<HR>
<P>By default, NTLMAPS listens on port 5865. You can change it to any port number of
your choice. You need to replace 'your_parentproxy' with the IP address of your
ISA Server. Put ISA Server's web cache port in PARENT_PROXY_PORT.
<P>
<P>Now, locate the lines:
<P>
<HR>
<PRE>
# Windows Domain.
# NOTE: it is not full qualified internet domain, but windows network domain.
NT_DOMAIN:your_domain
# What user's name to use during authorization. It may differ form real current username.
USER:username_to_use
# Password. Just leave it blank here and server will request it at the start time.
PASSWORD:your_nt_password
</PRE>
<HR>
<P>You will need to put in your domain name in place of your_domain, user name in place
of 'username_to_use' and password in place of 'your_nt_password'. Save the file after
editing.
<P>
<H2><A NAME="ss4.4">4.4 Running NTLMAPS</A>
</H2>
<P>Now simply run the file main.py, for example:
<P>
<HR>
<PRE>
./main.py
</PRE>
<HR>
<P>Now the NTLMAPS server is listening.
<H2><A NAME="ss4.5">4.5 Client Side Configuration</A>
</H2>
<P>In particular, we will use Netscape as an example here.
<P>
<UL>
<LI> Start Netscape Communicator.</LI>
<LI> Click on Edit menu and click Preferences.</LI>
<LI> Expand 'Advanced' node and click on 'Proxies'; you will see some options on the left.</LI>
<LI> Click on Manual proxy configuration, then click on the View button.</LI>
<LI> Put your local host's IP address (127.0.0.1) in the HTTP: box and port where NTLMAPS is listening (5865).</LI>
<LI> Click on OK to confirm your changes.</LI>
<LI> You will return back to Preferences dialog.</LI>
<LI> Click on OK to apply your changes.</LI>
</UL>
<P>Load up a test url in your browser and you will see the web page loads successfully. If you use a different browser
then you will need to explore and see how you set it up to work with proxy.
<HR>
<A HREF="Web-Browsing-Behind-ISA-Server-HOWTO-5.html">Next</A>
<A HREF="Web-Browsing-Behind-ISA-Server-HOWTO-3.html">Previous</A>
<A HREF="Web-Browsing-Behind-ISA-Server-HOWTO.html#toc4">Contents</A>
</BODY>
</HTML>
Reference in New Issue View Git Blame Copy Permalink