steps to successfully authenticate through an ISA Proxy on Linux
Oct0
Who need this?
A person who is using Linux and try to authenticate himself/herself through Microsoft ISA Proxy.
Does Linux use ISA Proxy Authentication?
I’m not 100% sure but I know for a fact that even if you set System Proxy Settings, apt-get still is not going to work. I did some search on google and found that apt-get does not understand the algorithm used in the ISA server.
How to fix this?
Download, configure, and run NTLM, a program that enable apt-get to understand ISA Proxy Authentication algorithm.
Where to get this file?
http://sourceforge.net/project/showfiles.php?group_id=69259
Download and extract the gz file
Download the file then extract the folder onto your Desktop.
How to configure?
I’m using Ubuntu 8.0.4, the instruction may be different if you are using a different Linux flavor.
You can read the INSTALL file included in the package, but if you don’t want to you can read the image instruction (that’s why I’m writing this post).
Navigate to the NTLMaps folder using whichever method best suited for you. I’m a beginner so I use the GUI way.
NTLMaps Folder
Double click on the server.cfg to open up the file. Now you can configure your proxy. Now inside this file, there are many lines like the one below that allow you to configure your proxy settings. You will have to go through the entire text file to look for these lines.
Listening port on NTLMaps
Leave this port alone unless you want to use a different port.
Parent Proxy/Port
Put your parent proxy address and port number here.
Windows domain
The text suggests that you should put only the NT Domain name, not full qualified domain name. I put my company’s full qualified domain name and it still works, your company may be different, try the full qualified domain name if the NT domain name does not work out for you.
Windows Username
Put your network log on name here. My company uses Windows logon username to authenticate through the proxy, your company may be different.
Windows Password
Put your network log on password here. My company uses Windows logon password to authenticate through the proxy, your company may be different.
Now the basic configuration is complete, how do I start this program?
Start Terminal, navigate to your NTLMaps folder, type python main.py to start the program
Start NTLMaps
Now how do I tell Linux to direct all Microsoft proxy authentication to NTLMaps?
The instruction is also included in the server.cfg file but you can read the images if that’s better for you.
Network Proxy
Network Proxy Configure
Navigate to SystemPreferencesNetwork Proxy and select Manual proxy configuration. Enter 127.0.0.1 for HTTP Proxy and port 5865. Make sure you also check the box “Use the same proxy for all protocols.”
Now you are done. All proxy authentication will not be directed back to NTLMaps for process.
Conclusion
This method WORKS. You can browse the internet as well as using apt-get. However, Website access is slower now since you have to authenticate again by going through NTLMaps.