How To Configure ISA Proxy/Auth Setting For Yum

Want to support HowtoForge? Become a subscriber!
 
Submitted by rizwan (Contact Author) (Forums) on Tue, 2010-02-02 11:40. :: CentOS

How To Configure ISA Proxy/Auth Setting For Yum

I was running CentOS in my LAN for my personal use and there are MS ISA servers for proxying and each user has to use his/her user name & password for Internet. So when I used my credentials in my web browser I had no problem but when I was going to do yum no success. After some googling I found this solution.

What is'NTLM Authorization Proxy Server'?

'NTLM Authorization Proxy Server' (APS) is a proxy software that allows you to authenticate via an MS Proxy Server using the proprietary NTLM protocol. Since version 0.9.5 APS has an ability to behave as a standalone proxy server and authenticate http clients at web servers using NTLM method. It can change arbitrary values in your client's request header so that those requests will look like they were created by MS IE. It is written in Python.

Main features:

  • supports NTLM authentication via parent proxy server (Error 407 Proxy Authentication Required);
  • supports NTLM authentication at web servers (Error 401 Access Denied/Unauthorized);
  • supports translation of NTLM scheme to standard "Basic" authentication scheme;
  • supports the HTTPS 'CONNECT' method for transparent tunnelling through parent proxy server;
  • has ability to change arbitrary values in client's request headers;
  • supports unlimited number of client connections;
  • supports connections from external hosts;
  • supports HTTP 1.1 persistent connections;
  • stores user's credentials in config file or requests password from a console during the start time;
  • supports intelligent failure detection and failover between multiple upstream proxies;

Download the ntlm rpm via your browser; because in my case Internet is working in firefox but not for yum you can also download on other pc and after that scp is the option for you.

ftp://ftp.pbone.net/mirror/ftp.sourceforge.net/pub/sourceforge/n/project/nt/ntlmaps/OldFiles/ntlmaps-0.9.9.6-1.i386.rpm

Just do copy&paste in your browser.

Open a terminal:

rpm -Uvh ntlmaps-0.9.9.6-1.i386.rpm

After that just edit server.cfg; you can find all related files by typing:

rpm -ql ntlmaps

In my case:

vi /etc/ntlmaps/server.cfg

and change the following parameters as per your requirements:

PARENT_PROXY:That_will_b_your_MS-Prosy_IP
PARENT_PROXY_PORT:That_will_b_your_MS-Proxy_Server_Port
NT_DOMAIN: That_will_b_Your_windows_Domain_name
USER:That_will_b_your_proxy-user
PASSWORD: That_will_b_your_Proxy-user_Password 

Save & exit.

Now run ntlmaps deamon:

/opt/ntlmaps/main.py

You will see the following output:

NTLM authorization Proxy Server v0.9.9.6
Copyright (C) 2001-2005 by Dmitry Rozmanov, Darryl Dixon, and others.
Now listening at Testbed.abc.com on port 5865

If you see this - congratulations, you are done - otherwise troubleshoot it.

Now you have to export the proxy for yum:

http_proxy= http://127.0.0.1:5865

export http_proxy

Done!


Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.
Submitted by awan (registered user) on Wed, 2010-02-03 07:52.

Online community needs to see more of your howto's.

regards

--

Oz

Submitted by Anonymous (not registered) on Wed, 2010-02-03 22:51.
Does NTLM support other protocols? ssh, ftp, jdbc, etc? Or is it not possible to tunnel that kind of applications through a Microsoft ISA server from a Linux client?