|
KB1001.034 Problem: Firewall or proxy authentication fails This article applies to Domain Time II. Last updated: 9/3/2003
Problem
Details
In addition to configuring the ports (see KB1001.033), you may need to configure permissions. This is especially true when using Microsoft's Proxy Server with the client-side WinProxy option. WinProxy sends the logged-on user's credentials to Proxy Server, and Proxy Server decides whether or not to allow the traffic based on who is requesting it. When you test a program like Domain Time using its control panel applet test buttons, everything may seem to work fine. However, when you examine Domain Time's log, you see that the service was unable to connect to its time sources. This is because you, the logged-on user, have one set of credentials, and the service, running in the background, has its own credentials. Changing your browser's settings or logging on as a different user will not correct the problem. You must instead tell Proxy Server that it should allow traffic from the Domain Time service in addition to traffic from people using browsers or other foreground programs.
Solution
If you are using the Domain Time over HTTP protocol with a web proxy (either Microsoft's Proxy Server or another proxy server) or going through a firewall in addition to going through a proxy, you may need to add System and/or LocalSystem to the list of authorized users on the web proxy or firewall, too. If you are using the SOCKS4 proxy (again, either on Microsoft's Proxy server or another proxy server), you may need to add the user DomTime to the list of authorized users for the SOCKS4 protocol. When Domain Time uses SOCKS4, it fills in the username field with DomTime. Some SOCKS4 proxies care about this information, and some don't. Only experimentation will enable you to determine if you need to add this pseudo-user.
See also
|
Documentation copyright © 1995-2009 Greyware Automation Products, Inc.
All Rights Reserved
All Trademarks mentioned are the properties of their respective owners.