Schemus LDAP Synchronization Tool and Web Client Site Proxy


Article ID: 161527


Updated On:




You are using the Web Client Site Proxy and the Schemus LDAP Synchronization Tool and are experiencing issues with the Schemus sync.


Schemus should not be run through the Client Site Proxy (CSP) as the CSP relies on NTLM Authentication for anything connecting to it sending information. Schemus does not support NTLM Authentication therefore cannot process the Schemus upload. Please do not select the location of your CSP machine as a proxy within the Schemus Wizard set up as uploads will fail.

If you must have port 3128 only for all traffic and therefore have to send the Schemus upload through the CSP the ONLY work around for this is to remove the NTLM Authentication for Schemus within the Schemus Squid configuration file, which looks like this:

 #Bypass for streaming.'customer'.com
 acl schemus dstdomain
 #TAG: Bypass NTLM & Trip
 http_access allow schemus
 always_direct allow schemus

This bypass has to be placed above the following line in the squid file:

 http_access allow authproxy http_access deny all

Please note that this can cause other issues. For instance, if the file is large, the upload may time out and fail.

If you are using the Microsoft Internet Security and Acceleration (ISA) Server you must create the NTLM auth bypass on the ISA.