Short summary of the needed steps: build samba with the winbindd channel enabled for client auth. Get squid 2.5Stable 3. DO NOT use stable 1. Really. build with --enable-auth=ntlm --enable-ntlm-auth-helpers=winbind --with-samba-sources=/path/to/samba.headers
follow the samba FAQ on joining the domain. start winbindd - wait a few minutes if you have more than one domain controller. check via wbinfo -t that the secret is good. in squid.conf , uncomment and enable the ntlm auth params. Add a proxy auth acl: acl authed proxy_auth REQUIRED and test for it .. in the 'add your acl's here' section http_access deny !mynetworks http_access deny !authed P.S. After the talk tonight, I'm happy field questions on this. Cheers Rob -- GPG key available at: <http://users.bigpond.net.au/robertc/keys.txt>.
signature.asc
Description: This is a digitally signed message part
-- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
