Environment
Novell SUSE Linux Enterprise Server 10
Novell SUSE Linux Enterprise Desktop 10Novell Open Enterprise Server 2 (Linux based)
Situation
Patches offered by Novell need to be mirrored and made available to the local network by using yup. Access to the internet is controlled by a Microsoft ISA proxy solution which requires NTLM authentication. yup fails to sync the patches as the proxy denies network access due to authentication issues. Looking at the output of yup, the following error is experienced:
ERROR: < HTTP/1.1 407 Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy service is denied. )
Resolution
Asyupusescurlto fetch the updates the following options needs to be added to YUP_CURLPARAMS="" in /etc/sysconfig/yup
--proxy-ntlm --proxy-userUSERNAME:PASSWORD --proxy http://URL:PORT
In case the connection still fails with the new options please check the password and set one without special characters inside.
Additional Information
This is the error log from a failed attempt:
* About to connect() to proxy proxy.local port 8080
* Trying 192.168.1.253... connected
* Connected to proxy.local (192.168.1.253) port 8080
* Establish HTTP proxy tunnel to nu.novell.com:443
* Proxy auth using Basic with user ''GROUP\username''
* Server auth using Basic with user 'ID'
> CONNECT nu.novell.com:443 HTTP/1.0
> Host: nu.novell.com:443
> Proxy-Authorization: Basic STRING
> User-Agent: curl/7.15.1 (x86_64-suse-linux) libcurl/7.15.1 OpenSSL/0.9.8a zlib/1.2.3 libidn/0.6.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 407 Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy service is denied. )
< Via:1.1 HOST
< Proxy-Authenticate: NTLM
< Proxy-Authenticate: Basic realm="host.local"
* Authentication problem. Ignoring this.
< Proxy-Authenticate: Kerberos
< Proxy-Authenticate: Negotiate
< Pragma: no-cache
< Cache-Control: no-cache
< Content-Type: text/html
< Content-Length: 2376
<
* Received HTTP code 407 from proxy after CONNECT
* Closing connection #0
* About to connect() to proxy proxy.local port 8080
* Trying 192.168.1.253... connected
* Connected to proxy.local (192.168.1.253) port 8080
* Establish HTTP proxy tunnel to nu.novell.com:443
* Proxy auth using Basic with user ''GROUP\username''
* Server auth using Basic with user 'ID'
> CONNECT nu.novell.com:443 HTTP/1.0
> Host: nu.novell.com:443
> Proxy-Authorization: Basic STRING
> User-Agent: curl/7.15.1 (x86_64-suse-linux) libcurl/7.15.1 OpenSSL/0.9.8a zlib/1.2.3 libidn/0.6.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 407 Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy service is denied. )
< Via:1.1 HOST
< Proxy-Authenticate: NTLM
< Proxy-Authenticate: Basic realm="host.local"
* Authentication problem. Ignoring this.
< Proxy-Authenticate: Kerberos
< Proxy-Authenticate: Negotiate
< Pragma: no-cache
< Cache-Control: no-cache
< Content-Type: text/html
< Content-Length: 2376
<
* Received HTTP code 407 from proxy after CONNECT
* Closing connection #0