On tor, 2007-08-30 at 14:44 +0200, Mattias Olsson wrote:
> Hi all!
>
>
> I have successfully installed some new squid servers that are validating
> domain users via ntlm_auth. So nice!
>
> The problem i have now is that my proxy servers are in one domain but i
> have another small domain that also should use them. The smaller domain
> is not a member of the top domain and i am not allowed to set up a trust
> between them.
>
> Is it possible to do some thing like this...
>
> acl SMALLDOMAIN srcdomain SMALLDOMAIN.LOCAL
> http_access allow SMALLDOMAIN
No, the domain of the user is only known when authentication has
completed, at which state it's too late...
What you can do is to run another Squid on another port using the older
SMB based ntlm helper connecting to that domain.
In theory it could also work making Samba a member of both domains, but
I am not sure Samba is capable of maintaining multiple domain
memberships (probably not...)..
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Sat Sep 01 2007 - 12:00:03 MDT