Re: [SQU] Setting up NTLM as a domain authenticator transparently ?

From: Craig Fels <csfels@dont-contact.us>
Date: Mon, 26 Feb 2001 15:10:34 -0600

> You've been very helpful so far, wondering if you could explain a little
> furthur,
>
> 1. Does samba need to be installed to communicate with the domain
> controller?

NO.

>
> 2. What should the acl line look like to verify aguinst a group in the
> domain?

Can't be done. The acl must be like:
acl acl_name proxy_auth domain\userid domain\userid2 domain\userid3
-or-
acl acl_name proxy_auth '/path/to/text/file/'

>
> 3. Does the old authenticate_program_ntlm still apply or should we be
using
> the auth_param ntlm /usr/local/bin/ntlm_auth domainname/IPofDomain?

auth_param ntlm program /usr/local/bin/ntlm_auth domain/domain+controller

>
> 4. is theire anything we're missing here on our end?

check your squid.conf.default for anything I've missed that is needed in
squid.conf

> Your help s greatly appreiceated in defeating that which is MS Proxy 2.0

No problem. I'll help when I can!

Craig

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
Received on Mon Feb 26 2001 - 14:14:05 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:58:12 MST