Hi all,
I want to use W2K Global domain groups for access to the internet through Squid, e.g. only the domain admins may use the internet through Squid.
I have followed the steps outlined in http://www.squid-cache.org/Doc/FAQ/FAQ-23.html#winbind.
However, I changed
"auth_param ntlm program /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
to
"auth_param ntlm program /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --require-membership-of='ASKESIS\\Domain Admins'"
according to http://www.samba.org/samba/docs/man/ntlm_auth.1.html
I expected that if I try to browse as a Domain Admin I would get access to the internet and a message from Squid otherwise. This did not happen. The Squid cache.log shows only "ERR" as an aswer to the request.
Is it possible to configure this setup to do what I want? If so, is there a (fool proof??) HOWTO available somewhere?
I am using Debian Sarge, kernel 2.6.3-1-686, Samba 3.0.2a-Debian, Winbindd version 3.0.2a-Debian and Squid Cache version 2.5.STABLE5 for i386-debian-linux-gnu.
Groeten,
Joost Kraaijeveld
Askesis B.V.
Molukkenstraat 14
6524NB Nijmegen
tel: 024-3888063 / 06-51855277
fax: 024-3608416
e-mail: J.Kraaijeveld@Askesis.nl
web: www.askesis.nl
Received on Wed May 05 2004 - 04:45:50 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Jun 01 2004 - 12:00:01 MDT