Questions and Answers :
Getting started :
Proxy requiring authentication - MS ISA
Message board moderation
Author | Message |
---|---|
Ze'ev Ionis Send message Joined: 27 Jul 99 Posts: 5 Credit: 13,373,776 RAC: 6 |
BOINC 4.05; WinXP SP2; Server running Win2003 SBS with ISA 2000. ISA requires authentication. I have put in all the values into the 'Proxy' dialogue. This has included Domain\\username format as well as just username format. I get back message that BOINC was unable to authenticate. The information is correct. Can anyone suggest anything? Would like to, if possible, not change ISA configurations. All other programs work with IE proxy credentials, or with my domain\\username & password combo. Ze'ev ZI |
MovedGoalPosts Send message Joined: 1 Jun 04 Posts: 4 Credit: 2,053 RAC: 0 |
Did you ever find a solution? If you did reconfigure your ISA server, can you give me a clue on what to change from the defaults? I too cannot get past my ISA server 2000 with BOINC (currently v 4.13) on any Windows XP Pro workstations. |
Ze'ev Ionis Send message Joined: 27 Jul 99 Posts: 5 Credit: 13,373,776 RAC: 6 |
> Did you ever find a solution? If you did reconfigure your ISA server, can you > give me a clue on what to change from the defaults? I too cannot get past my > ISA server 2000 with BOINC (currently v 4.13) on any Windows XP Pro > workstations. > I have a solution ... but don't like it much. BOINC uses clear text user id and password to authenticate to the FW. So, you need to enable outgoing requests to use basic as well as integrated security credentials. You do this in ISA Server MMC Console, Servers and Arrays, "Server Name". Right click on the Server name, select Properties, choose outgoing web requests. Select the server name again, and choose edit. You can change the configuration there. Hope that helps! ZI |
MovedGoalPosts Send message Joined: 1 Jun 04 Posts: 4 Credit: 2,053 RAC: 0 |
> I have a solution ... but don't like it much. BOINC uses clear text user id > and password to authenticate to the FW. So, you need to enable outgoing > requests to use basic as well as integrated security credentials. You do this > in ISA Server MMC Console, Servers and Arrays, "Server Name". Right click on > the Server name, select Properties, choose outgoing web requests. Select the > server name again, and choose edit. You can change the configuration there. > > Hope that helps! > Thanks. The big concern of something like that is whter it would allow users to bypass the ISA requests. As boinc will be run as a service, the network users hopefully would be unaware of any settings, so adding in an alternate proxy setting in boinc wouldnt be readily found by users to enable a bypass, if that makes sense. After a lot of time and effort, I've managed to use something called NTLM Authorisation Proxy Server. This runs under Python, an interpreter language. APS is available here: http://apserver.sourceforge.net/ and Python here: http://www.python.org/ APS can run on any single machine in the network, even on the same machine which hosts the ISA server. The downside is that APS runs in a command line, so to be effective in Windows, the command line box has to be active, albeit it can be minimised. I was eventually pointed at this thread: http://setiweb.ssl.berkeley.edu/forum_thread.php?id=25 which explains the basic setup. My latest difficulties have been in getting the APS to run as a service so I can forget about it. I think I've succeeded with a lot of help from dunc on OCUK: http://forums.overclockers.co.uk/showthread.php?s=&threadid=17308080&perpage=30&pagenumber=1 |
©2024 University of California
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.