Re: [squid-users] NTLM questions (sorry)

True, but all of this applies when using the winbind ntlm helper, not
the SMB ntlm helper..

For the SMB ntlm helper to work Squid need to either be on the same
broadcast segment as the login server(s) used, or the IP addresses of
the servers needs to be specified in /etc/hosts.

Regards
Henrik

daniel.jarboe@custserv.com wrote:
>
> http://www.squid-cache.org/Doc/FAQ/FAQ-23.html will prove very helpful.
> You need samba --with-winbind and --with-winbind-auth-challenge, and
> join the domain for squid's ntlm authentication to work. The winbind
> and windows domain server stuff is in samba's smb.conf. Smbd and nmbd
> won't need to run, but winbindd will.
>
> Also in squid.conf, you'll need to put the ntlm auth_param's before the
> basic auth_param's, if you want non ntlm-enabled web-clients to fallback
> to basic, and IE to try ntlm first.
>
> > As I've been writing this, it has dawned on me that I'm not actually
> > specifying the Windows domain server anywhere in the conf files. Does
> > ntlm_auth broadcast on the local network to find a domain controller?
> >
>
> Good luck,
> ~ Daniel
>
> -----------------------------------------------------------------------
>
> This message is the property of Time Inc. or its affiliates. It may be
> legally privileged and/or confidential and is intended only for the use
> of the addressee(s). No addressee should forward, print, copy, or
> otherwise reproduce this message in any manner that would allow it to be
> viewed by any individual not originally listed as a recipient. If the
> reader of this message is not the intended recipient, you are hereby
> notified that any unauthorized disclosure, dissemination, distribution,
> copying or the taking of any action in reliance on the information
> herein is strictly prohibited. If you have received this communication
> in error, please immediately notify the sender and delete this message.
> Thank you.
Received on Fri Mar 28 2003 - 15:12:26 MST