NTLM
Configuration Variable | Data Type | Description |
---|---|---|
proxy.config.ntlm.auth.enabled | INT |
Default: 0 Enables (1) or disables (0) NTLM proxy authentication. |
proxy.config.ntlm.dc.list | STRING |
Default: NULL A comma-separated list of domain controller hostnames. The format is: host_name[:port] [%netbios_name] or IP_address[:port] [%netbios_name] If you are using Active Directory 2008, you must include the netbios_name or use SMB port 445. |
proxy.config.ntlm.dc.load_ balance | INT |
Default: 0 Enables (1) or disables (0) load balancing. When enabled, Content Gateway balances the load when sending authentication requests to the domain controllers. Note: When multiple domain controllers are specified, even if load balancing is disabled, when the load on the primary domain controller reaches the maximum number of connections
allowed, new requests are sent to a secondary domain controller as a short-term failover provision, until such time that the primary domain controller can accept new
connections.
|
proxy.config.ntlm.dc.max_ connections | INT |
Default: 10 Specifies the maximum number of connections Content Gateway can have open to the domain controller. |
proxy.config.ntlm.cache.enabled | INT |
Default: 1 Enables (1) or disables (0) the NTLM cache. Applies only when Content Gateway is an explicit proxy. When disabled, Content Gateway does not store any credentials in the NTLM cache for future use. Content Gateway always sends the credentials to the domain server to be validated. |
proxy.config.ntlm.cache.ttl_ value | INT |
Default: 900 Specifies the number of seconds that Content Gateway stores entries in the NTLM cache. The supported range of values is 300 to 86400 seconds. |
proxy.config.ntlm.cache.size | INT |
Default: 5000 Specifies the number of entries allowed in the NTLM cache. |
proxy.config.ntlm.cache. storage_size | INT |
Default: 15728640 Specifies the maximum amount of space that the NTLM cache can occupy on disk. This value should be proportionate to number of entries in the NTLM cache. For example, if each entry in the NTLM cache is approximately 128 bytes and the number of entries allowed in the NTLM cache is 5000, the cache storage size should be at least 64000 bytes. |
proxy.config.ntlm.cache_ 0exception.list | STRING |
Default: NULL Holds the list of IP addresses and IP address ranges that will not be cached. This variable gets its value from the Content Gateway manager NTLM Multi-Host IP addresses field. The exception list is a comma separated list that can contain up to:
|
proxy.config.ntlm.fail_open | INT |
Default: 1 Enables (1) or disables (0) whether client requests are allowed to proceed when authentication fails due to:
Note: Password authentication failures are always failures.
|
proxy.config.ntlm.check_ account_passwd | INT |
Default: 0 Enables (1) or disables (0) whether Content Gateway will create a log file entry when users are locked out after multiple failed password errors. Filter. config can be edited for user agents causing the lockout. Note: This variable must be added to the config file and should only be used for debugging purposes and then disabled.
|