On Sat, 2003-03-29 at 07:51, daniel.jarboe@custserv.com wrote:
> http://www.squid-cache.org/Doc/FAQ/FAQ-23.html will prove very helpful.
> You need samba --with-winbind and --with-winbind-auth-challenge, and
> join the domain for squid's ntlm authentication to work. The winbind
> and windows domain server stuff is in samba's smb.conf. Smbd and nmbd
> won't need to run, but winbindd will.
These are different helpers. The NTLM SMB helper (ntlm_auth) also works.
winbindd is definately a preferred option though.
> Also in squid.conf, you'll need to put the ntlm auth_param's before the
> basic auth_param's, if you want non ntlm-enabled web-clients to fallback
> to basic, and IE to try ntlm first.
>
> > As I've been writing this, it has dawned on me that I'm not actually
> > specifying the Windows domain server anywhere in the conf files. Does
> > ntlm_auth broadcast on the local network to find a domain controller?
ntlm_auth needs the name of the DC, not the domain. Again - just run it
with -? and it's help should tell you this.
Rob
-- GPG key available at: <http://users.bigpond.net.au/robertc/keys.txt>.
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:25 MST