RE: [squid-users] winbind and samba

To better clear this up.

I am currently running Squid-2.5.STABLE3 (Also did it with STABLE2) in
my Windows 2000 "Native Mode" environment.

All native mode does is turn on certain functionality of the new Windows
2000 Environment like Universal Groups and having the ability to put
Groups inside other Groups.

IT also has the ability to up the level of security needed to talk with
Windows 2000 server just as Windows 2003 has. But that functionality can
be dumb down. I talking about the Authentication Method. LanMan / NTLM /
NTLM v2 / Kerberos Blah...

In short, If you can get Samba to talk with your server it will work. If
it doesn't talk with your server after flipping that magic switch, then
all you have to do is tell your DC to dumb down, or allow for the old
auth protocols. (I did not have to do this except at my home network
running 2003 from a straight install)

You will be fine as long as you have the right software (versions etc.)
I would tell you it will work, but I don't run your network so I can't
be that confident. But it works here for me and at other places where I
run. So you will be fine.

Joseph M Siegmann
CISSP, CCNA, CCDA, MCSE, MCT

-----Original Message-----
From: Serassio Guido [mailto:guido.serassio@acmeconsulting.it]
Sent: Thursday, July 17, 2003 6:01 AM
To: jturner@bsis.com.au; Henrik Nordstrom
Cc: squid-users@squid-cache.org
Subject: RE: [squid-users] winbind and samba

Hi Jay,

At 11.19 17/07/2003, Jay Turner wrote:

>Hi Guido,
>
>I found your post from February regarding this issue and I now
understand
>what you are saying.
>
>As I will be connecting to a pre-existing AD that was not setup by me,
could
>you tell me where I could find in Windows 2000 server that will tell me
if
>the AD is configured for "Pre Windows 2000 compatibility"??
>
>If the server has not been configured for pre-compatibility, am I able
to
>change a setting somewhere so that it will be?

Look here:

http://support.microsoft.com/default.aspx?scid=kb;en-us;303973

Regards

Guido

>Thanks for your help
>Jay
>
>-----Original Message-----
>From: Serassio Guido [mailto:guido.serassio@acmeconsulting.it]
>Sent: Thursday, 17 July 2003 5:11 PM
>To: jturner@bsis.com.au; Henrik Nordstrom
>Cc: squid-users@squid-cache.org
>Subject: RE: [squid-users] winbind and samba
>
>
>Hi,
>
>At 09.37 17/07/2003, Jay Turner wrote:
>
> >And isn't this compatibility known as "mixed-mode"??
>
>No, If your squid works fine in mixed-mode, it works on native mode
too.
>
>What is needed for running Squid + NTLM + Winbind + Samba + AD is the
"Pre
>Windows 2000 compatibility" configured during the installation of AD
>(DCPromo of the FIRST DC in the domain). As say Henrik, see previous
posts
>for more details.
>
>Regards
>
>Guido
>
> >-----Original Message-----
> >From: Henrik Nordstrom [mailto:hno@squid-cache.org]
> >Sent: Thursday, 17 July 2003 2:55 PM
> >To: jturner@bsis.com.au; Tony Grace; 'squid'
> >Subject: Re: [squid-users] winbind and samba
> >
> >
> >On Thursday 17 July 2003 07.07, Jay Turner wrote:
> >
> > > I have had it working no worries against 2000 server's in
> > > mixed-mode, but have read conflicting reports about NTLM in native
> > > mode.
> >
> >If wbinfo -a says challenge/response works then it is fine.
> >
> >This requires compability with NT4 to be enabled in the directory.
> >
> >Regards
> >Henrik

-
========================================================
Guido Serassio
Acme Consulting S.r.l.
Via Gorizia, 69 10136 - Torino - ITALY
Tel. : +39.011.3249426 Fax. : +39.011.3293665
Email: guido.serassio@acmeconsulting.it
WWW: http://www.acmeconsulting.it/
Received on Thu Jul 17 2003 - 08:05:08 MDT