>My sperator is +
Ok, then you simply separate domain and group with a plus. It doesn't need
to be escaped.
>I've tried all kinds of things:
>
>auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic --require-membership-of=domain\\"Domain Users"
>auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic --require-membership-of="domain\\Domain Users"
>auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic --require-membership-of="domain\Domain Users"
>auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic --require-membership-of="domain\\Domain Users"
>auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic --require-membership-of="Domain Users"
Well, none of those actually look right:)
I am guessing of the built in group you want to actually use is
"Domain Users" then your syntax would be:
--require-membership-of=domain+Domain\ Users
If your using the domain name in the string, then make sure:
winbind use default domain = false
Also, not knowing your domain name, mine has a "-" in it, so
I write my string like this:
--require-membership-of=domain\-name+Squid
I suggested you run it manually, you'll see what's going on immediately.
(Or check the logs :>)
From the console on my proxy:
#/usr/bin/ntlm_auth --require-membership-of=DOMAIN\-NAME+Domain\ Users --username=jcasale
password:<...>
NT_STATUS_OK: Success (0x0)
HTH...
jlc
Received on Thu Jul 30 2009 - 01:25:23 MDT
This archive was generated by hypermail 2.2.0 : Thu Jul 30 2009 - 12:00:05 MDT