Hi all, I want to use W2K Global domain groups for access to the internet through Squid, e.g. only the domain admins may use the internet through Squid.
I have followed the steps outlined in http://www.squid-cache.org/Doc/FAQ/FAQ-23.html#winbind. However, I changed "auth_param ntlm program /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp" to "auth_param ntlm program /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --require-membership-of='ASKESIS\\Domain Admins'" according to http://www.samba.org/samba/docs/man/ntlm_auth.1.html I expected that if I try to browse as a Domain Admin I would get access to the internet and a message from Squid otherwise. This did not happen. The Squid cache.log shows only "ERR" as an aswer to the request. Is it possible to configure this setup to do what I want? If so, is there a (fool proof??) HOWTO available somewhere? I am using Debian Sarge, kernel 2.6.3-1-686, Samba 3.0.2a-Debian, Winbindd version 3.0.2a-Debian and Squid Cache version 2.5.STABLE5 for i386-debian-linux-gnu. Groeten, Joost Kraaijeveld Askesis B.V. Molukkenstraat 14 6524NB Nijmegen tel: 024-3888063 / 06-51855277 fax: 024-3608416 e-mail: [EMAIL PROTECTED] web: www.askesis.nl
