Multidomain work fine for NTLM but when i try the authentication
with wb_group the users will need an account in this group. Isn´t it?
Authentication in PDC/BDC of DOMAIN1
User1-Group1 in DOMAIN1 autthentication is good.
User1-Group1 in DOMAIN2 bad authentication (user is not in PDC/BDC
of Domain1)
-----Mensaje original-----
De: Henrik Nordstrom [mailto:hno@marasystems.com]
Enviado el: miércoles, 18 de diciembre de 2002 14:00
Para: "García García, "Alberto"
CC: 'squid-users@squid-cache.org'
Asunto: RE: [squid-users] wb_group problems
The use of external_acl or not is unrelated, only activates after
authentication has been successful.
If you have both ntlm and basic auth schemes configured in Squid then
Squid proposes both to the browsers and the browser picks the scheme it
wants to use.
Regards
Henrik
ons 2002-12-18 klockan 13.22 skrev "García García, Alberto":
> Is possible that squid work as ntlm_auth/msnt_basic without external_acl?
> Whwn i use ntlm_auth/msnt if the navigator can´t pass domain/user squid go
> to msnt.
>
> -----Mensaje original-----
> De: Henrik Nordstrom [mailto:hno@marasystems.com]
> Enviado el: miércoles, 18 de diciembre de 2002 12:31
> Para: García García, Alberto; 'squid-users@squid-cache.org'
> Asunto: Re: [squid-users] wb_group problems
>
>
> On Wednesday 18 December 2002 11.58, García García, Alberto wrote:
> > Well, now all work fine (Thank Henrik), but i have two NT DOMAINS.
> > It´s posible that if the users in wb_ntlmauth/wb_group fail go to
> > basic auth?
>
> Only if the browser is willing to do so. There is very little Squid
> can do there.
>
> But multiple domains should work I beleive if you have a trust
> relation between the domains, at least for authentiation. See the
> Samba winbindd documentation if anythin is said there about multiple
> domains.
>
> Regards
> Henrik
>
> Este mensaje de correo electrónico y sus documentos adjuntos están
dirigidos
> EXCLUSIVAMENTE a los destinatarios especificados. La información contenida
> puede ser CONFIDENCIAL y/o estar LEGALMENTE PROTEGIDA y no necesariamente
> refleja la opinión de ENDESA. Si usted recibe este mensaje por ERROR, por
> favor comuníqueselo inmediatamente al remitente y ELIMÍNELO ya que usted
> NO ESTA AUTORIZADO al uso, revelación, distribución, impresión o copia de
> toda o alguna parte de la información contenida. Gracias.
>
> This e-mail message and any attached files are intended SOLELY for the
> addressee/s identified herein. It may contain CONFIDENTIAL and/or LEGALLY
> PRIVILEGED information and may not necessarily represent the opinion of
> ENDESA. If you receive this message in ERROR, please immediately notify
the
> sender and DELETE it since you ARE NOT AUTHORIZED to use, disclose,
> distribute, print or copy all or part of the contained information. Thank
> you.
Este mensaje de correo electrónico y sus documentos adjuntos están dirigidos
EXCLUSIVAMENTE a los destinatarios especificados. La información contenida
puede ser CONFIDENCIAL y/o estar LEGALMENTE PROTEGIDA y no necesariamente
refleja la opinión de ENDESA. Si usted recibe este mensaje por ERROR, por
favor comuníqueselo inmediatamente al remitente y ELIMÍNELO ya que usted
NO ESTA AUTORIZADO al uso, revelación, distribución, impresión o copia de
toda o alguna parte de la información contenida. Gracias.
This e-mail message and any attached files are intended SOLELY for the
addressee/s identified herein. It may contain CONFIDENTIAL and/or LEGALLY
PRIVILEGED information and may not necessarily represent the opinion of
ENDESA. If you receive this message in ERROR, please immediately notify the
sender and DELETE it since you ARE NOT AUTHORIZED to use, disclose,
distribute, print or copy all or part of the contained information. Thank
you.
Received on Wed Dec 18 2002 - 09:13:28 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:08 MST