It is OK if you only have a single domain. If there is domain trusts
to other domains then you have lost the ability to differentiate the
same user name in the trusted domains from your own domain..
Because of this, the domain component should only be ignored if well
known to be the "default domain".
Regards
Henrik
On Tuesday 04 March 2003 09.58, Prasanta kumar Panda wrote:
> I chose the option 'a' and modify
> libntlmssp.c(/helpers/ntlm_auth/SMB) to return 'user' instead of
> the default 'credentials' and got my things done. But don't know is
> this the correct way to do this?
>
> Reg.
> Prasanta
>
>
>
>
> -----Original Message-----
> From: Henrik Nordstrom [mailto:hno@squid-cache.org]
> Sent: Monday, March 03, 2003 3:43 PM
> To: Prasanta kumar Panda; squid-users@squid-cache.org
> Subject: Re: [squid-users] ntlm and domain\user
>
>
> Your problem can be solved by a little of coding in either
>
> a) Squid, to strip out well known domains from NTLM authentication.
>
> b) In SquidGuard, to do the same..
>
> c) In a glue between Squid and SquidGuard, to do the same..
>
> Regards
> Henrik
>
> On Monday 03 March 2003 04.56, Prasanta kumar Panda wrote:
> > Hi All,
> >
> > I tried NTLM Authentication today and it worked fine.
> >
> > But all my basic users become domain\user in access.log and ident
> > send
> >
> > to squidGuard process as the squidGuard restrictions are ident
> > dependent.
> >
> > Just wondering if squid can be configured to strip the domain
> > part so that I need not have to maintain two set of users i.e.
> > user and domain\user in my access files both for squid as well as
> > squidGuard. I need to support both NTLM as well Basic
> > Authentication and I have a very huge userlist already and with
> > this the list will get doubled.
> >
> >
> > Reg.
> > Prasanta
Received on Tue Mar 04 2003 - 02:22:28 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:55 MST