Proxy Server Does Not Correctly Authenticate DPA

The information in this article applies to:

• Microsoft Proxy Server version 1.0
• Microsoft Windows NT Server version 4.0
• Microsoft Internet Information Server version 3.0

SYMPTOMS

When you use Microsoft Distributed Password Authentication (DPA) instead of Microsoft NTLM Authentication on Microsoft Proxy Server, users that are allowed access to the proxy server will be granted access. However, users that are not members of the group that has been granted access to the Proxy Server will experience a looping condition on browser.

Administrators of the Proxy Server will see log files grow rapidly and will notice that the Proxy Server is busy trying to authenticate user logon requests.

CAUSE

Proxy Server was not designed to use Microsoft Distributed Password Authentication.

WORKAROUND

Microsoft Proxy Server has been fixed to provide support for Microsoft Distributed Password Authentication. The fix is installed by stopping all of the Microsoft Internet Information Server (IIS) Services that may be running on the Proxy Server and replacing the W3proxy.dll file.

STATUS

Microsoft has confirmed this to be a problem with Microsoft Proxy Server version 1.0. This problem was corrected in the latest U.S. Service Pack for Microsoft Windows NT version 4.0. For information on obtaining the Service Pack, query on the following word in the Microsoft Knowledge Base (without the spaces):

S E R V P A C K