On Friday 13 December 2002 16.11, Jairo.Castaņeda wrote:
> Hello all,
>
> First let me explain what I need to do:
> I need that only users belonging to a NT group called Internet surf
> the web. As I'm using squid as my proxy I need to use NTLM
> authentication, right?
Not neccesarily.
You need NTLM authentication if you want the authentication to Squid
to be transparent to your users.
> - Samba's winbindd testing was ok. I got the messages I was
> supposed to get ("secret was good", and wbinfo -a with the NT
> username and password was successful)
There should also be a note about challenge/response authentication.
If not you cannot use NTLM.
> I have some questions regarding NTLM authentication:
> - How do I establish permissions based on NT groups? I didn't see
> that on the FAQ section...maybe I missed it.
It has not yet been documented in the FAQ.
You use the wb_group external_acl helper. See
helpers/external_asl/winbind_group/
> - How can I test from command line if my authentication scheme is
> working...
See the Squid FAQ. The same section who talks about winbind
installation also includes testing of the connection to winbind.
Regards
Henrik
Received on Fri Dec 13 2002 - 14:15:18 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:05 MST