Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 1562 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

yahoo messenger and AS SSO

techuser
Hi all
I'm having a problem making yahoo messenger work with http proxy and IM on:
I have configured a group in AD, this group has access to Chat category , I put all the ip addresses of this group in IM exception list skip  yahoo and msn messenger.
when trying to connect using yahoo messenger first if I didn't put the proxy it will not work at all
when I put the proxy it takes long time to connect then an authentication window appears to put my AD user name and password after I write them the log in astaro content filter has this message "NT_STATUS_WRONG_PASSWORD)" although I can surf the internet using my user name and password without any problem 
after poping up many times the authentication window return an error that http proxy authentication failed "see attachment",


This thread was automatically locked due to age.
Parents
  • 0
    From the V7.3 manual:
    After the configuration of the Active Directory is finished, the Active Directory Single Sign-On (SSO) area becomes editable. Note that this facility is currently only used with the HTTP Proxy to provide single sign-on with browsers that support NTLMv2 or Kerberos authentication.

    We generally block IM, so I'm unfamiliar with what you're doing.  Are you expecting some interaction with SSO, or did this work with the AD groups until you turned SSO on?

    Are you expecting the separate, local chat client to work like a web-based one?

    Thanks for the clarification. - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    From the V7.3 manual:
    We generally block IM, so I'm unfamiliar with what you're doing.  Are you expecting some interaction with SSO, or did this work with the AD groups until you turned SSO on?

    Are you expecting the separate, local chat client to work like a web-based one?

    Thanks for the clarification. - Bob

    we also block IM but some users need it so I exclude their IPs from IM blocking but when trying to use the messenger that window came up?
Reply
  • 0 in reply to BAlfson
    From the V7.3 manual:
    We generally block IM, so I'm unfamiliar with what you're doing.  Are you expecting some interaction with SSO, or did this work with the AD groups until you turned SSO on?

    Are you expecting the separate, local chat client to work like a web-based one?

    Thanks for the clarification. - Bob

    we also block IM but some users need it so I exclude their IPs from IM blocking but when trying to use the messenger that window came up?
Children
  • 0 in reply to techuser
    I had to put it in a nat rule to make it work but still don't get why this window came up in the  first place
  • 0 in reply to techuser
    this is the same problem for skybe although putting this ip address in the exception list it still go to web proxy with this log  
    2008:11:03-16:09:23 (none) httpproxy[5921]: [0xa8d558b0] auth_adir_auth_crap_callback (auth_adir.c:739) Authorization denied (NT_STATUS_WRONG_PASSWORD)
    2008:11:03-16:09:23 (none) httpproxy[5921]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="CONNECT" srcip="****" user="*****" statuscode="407" cached="0" profile="profile_0" filteraction="" size="2169" time="14 ms" request="0xa8d558b0" url="92.36.170.140:443" error=""  although the user can surf the internet with this password!!!