Greetings again list...
I am attempting to get Squid to authenticate usernames against our
corporate windows 2k AD. So far I have had much luck, but the last step is
beyond my abilities to resolve. Squid will always request the login and
password box when IE is launched. Upon typing in the username and pass, the
user is free to exist within the bounds of the ACL's. However, I would very
much like IE to use NTLM and not ask.
I have tried to follow the FAQ as closely as possible...
Using:
Samba 2.2.6pre2
Squid2.5pre12
IE 6
Win2k SP3
All of the samba parts seem to work find. I can authenticate in cleartext
and encrypted. Shared secret is fine, and I can retrieve lists of users and
groups. The usernames incidentally don't have spaces.
There is one deviation from the FAQ I have noticed however. When I
use wbinfo -u or -g, there is no Domain\username it is only in Username
form. The winbind separator is \, but it just doesn't show up. If I just
enter wbinfo -a username%password it will authenticate anyone on the domain
properly, so I don't think that is the problem. Also, once I manually
authenticate it just lists Username in the auth.log. I have seen a couple
threads about IE6 causing problems, but I have enabled NTLM in the browser.
I am royally stumped on this one. Any help that can be provided is
greatly appreciated.
--------------------------------------------
Paul Norris IT Department Technician
Cunningham Field & Research Service, Inc.
(386) 677-5644 ext. 216
paulnorris@cunninghamresearch.com
Received on Mon Sep 23 2002 - 12:09:31 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:23 MST