Life, the universe, and Windows - most likely users’ errors

steps to successfully authenticate through an ISA Proxy on Linux

Who need this?

A person who is using Linux and try to authenticate himself/herself through Microsoft ISA Proxy.

Does Linux use ISA Proxy Authentication?

I’m not 100% sure but I know for a fact that even if you set System Proxy Settings, apt-get still is not going to work. I did some search on google and found that apt-get does not understand the algorithm used in the ISA server.

How to fix this?

Download, configure, and run NTLM, a program that enable apt-get to understand ISA Proxy Authentication algorithm.

Where to get this file?

http://sourceforge.net/project/showfiles.php?group_id=69259

Download and extract the gz file

Download the file then extract the folder onto your Desktop.

How to configure?

I’m using Ubuntu 8.0.4, the instruction may be different if you are using a different Linux flavor.

You can read the INSTALL file included in the package, but if you don’t want to you can read the image instruction (that’s why I’m writing this post).

Navigate to the NTLMaps folder using whichever method best suited for you. I’m a beginner so I use the GUI way.

Double click on the server.cfg to open up the file. Now you can configure your proxy. Now inside this file, there are many lines like the one below that allow you to configure your proxy settings. You will have to go through the entire text file to look for these lines.

Leave this port alone unless you want to use a different port.

Put your parent proxy address and port number here.

The text suggests that you should put only the NT Domain name, not full qualified domain name. I put my company’s full qualified domain name and it still works, your company may be different, try the full qualified domain name if the NT domain name does not work out for you.

Put your network log on name here. My company uses Windows logon username to authenticate through the proxy, your company may be different.

Put your network log on password here. My company uses Windows logon password to authenticate through the proxy, your company may be different.

Now the basic configuration is complete, how do I start this program?

Start Terminal, navigate to your NTLMaps folder, type python main.py to start the program

Now how do I tell Linux to direct all Microsoft proxy authentication to NTLMaps?

The instruction is also included in the server.cfg file but you can read the images if that’s better for you.

Navigate to SystemPreferencesNetwork Proxy and select Manual proxy configuration. Enter 127.0.0.1 for HTTP Proxy and port 5865. Make sure you also check the box “Use the same proxy for all protocols.”

Now you are done. All proxy authentication will not be directed back to NTLMaps for process.

Conclusion

This method WORKS. You can browse the internet as well as using apt-get. However, Website access is slower now since you have to authenticate again by going through NTLMaps.