Microsoft KB Archive/252877

From BetaArchive Wiki
Knowledge Base

Microsoft Proxy and the Ident Protocol

Article ID: 252877

Article Last Modified on 8/6/2002


  • Microsoft Proxy Server 2.0 Standard Edition

This article was previously published under Q252877


Microsoft Proxy Server includes an Ident server (also called an "Ident Daemon" or "Identd") that responds to Ident queries from the Internet.

Some Internet servers (typically FTP, SMTP, and IRC servers) require identification from a client before providing services to the client. This is accomplished by the server sending an Identification protocol query to the client. When the client is located behind a proxy server, the Ident request is dropped by the proxy and never reaches the client.

Running the Identd Simulation service included with Proxy Server versions 1.0 and 2.0 causes the proxy server to respond to the Ident query on behalf of the client. The proxy server always responds to the Ident query with a random user identification string.

To install and configure the Identd Simulation service:

  1. On the computer that is running Proxy Server, create a folder named Identd.
  2. Copy the Identd.exe file from the Identd\Platform folder on the Proxy Server CD-ROM to the folder you created in step 1.
  3. At a command prompt, change to the Identd folder on the server, and then type identd -install. (To uninstall the service, type identd -uninstall.)
  4. At the command prompt, type net start identd. (To stop the service, type net stop identd.)


Client computers on an internal network that are using the Proxy Server Winsock Proxy or SOCKS Proxy services for Internet connectivity do not properly respond to Ident requests because they never receive the query. When a client connects to the Internet through the proxy server, the proxy listens for an incoming response from the Internet and passes the response back to the internal client. The Ident request from the Internet server is unsolicited (the client did not actively request an Ident query), so Proxy Server drops the request (because it is not expected).

Internet servers that are requesting, but not requiring an Ident response wait 30 seconds or more before resuming communication with the client. This causes the appearance of a network delay for the client. Using the Identd Simulation service resolves this delay by responding to the request.

Internet servers that require a response terminate communication with the client if an Ident query response is not received within a specified time-out period. Using the Identd Simulation service resolves this delay by responding to the request.

Using the Identd Simulation service does not allow a client to communicate with an Internet server that requires a specific response because the Identd Simulation service returns a random string as a response to the query.

For more information about the Ident protocol, please see RFC 1413 ("Identification Protocol").

Keywords: kbinfo KB252877