当Synaptic遇上ISA

在我们研发部的办公室，可以上研发网和办公网。研发网无需代理，办公网则使用微软的ISA代理上网，这给Linux下的应用程序带来很多困扰。并非它们不支持代理，相反几乎都支持代理。无奈的是ISA用NTLM验证用户，除了FireFox，其它程序即使设置了账号也不能通过认证。即便是FireFox保存了账号和口令，每次启动还是需要多按一下回车。

其他的可以不上，软件不能不下。Synaptic遇上ISA，并且需要认证，那就基本报废了。微软永远不和竞争对手兼容，自由软件却想方设法和各种主流软件兼容。源中有ntlmaps，一个会NTLM认证的代理服务器。用它在本机为各个需要访问互联网的程序作代理，就能通过ISA的NTLM认证了。从源安装，根据提示简单设置。若还不能用，手动修改/etc/ntlmaps/server.cfg。只要将用户名密码和登陆的域设置了即可。

NTLM Authorization Proxy Server
'NTLM Authorization Proxy Server' (APS) is a proxy software that allows you to authenticate via an MS Proxy Server (e.g. ISA server) using the proprietary NTLM protocol. Since version 0.9.5 APS has an ability to behave as a standalone proxy server and authenticate http clients at web servers using NTLM method. It can change arbitrary values in your client's request header so that those requests will look like they were created by MS IE. It is written in Python v1.5.2 language.

Main features:
* supports NTLM authentication via parent proxy server
(Error 407 Proxy Authentication Required)
* supports NTLM authentication at web servers
(Error 401 Access Denied/Unauthorized)
* supports translation of NTLM scheme to standard "Basic"
authentication scheme
* supports the HTTPS 'CONNECT' method for transparent tunnelling
through parent proxy server
* has ability to change arbitrary values in client's request headers;
* supports unlimited number of client connections
* supports connections from external hosts
* supports HTTP 1.1 persistent connections
* stores user's credentials in config file or requests
password from a console during the start time