Hi, I have do the same thing that you searching for, by using Samba(nmbd,smbd,winbindd), Squid, Kerberos5, I used NTLM authentification because it's more secure than the others like NT Domain (plaine text password cached with Wireshark ;) ), NTLM is not provided with Squid/pfSense but you can patch Squid to use it( what I have done), A other thing is to create a precompiled packege of Samba that containse ADS support to connect to the active directory and install it on your pfSense. I don't see the need of the Captive Portail because in my case the authentification into the AD is done by openiong the session of Windows if this session is in the AD, to searf into internet too ;).
Hope this will help ;) -- Younes EL AMRAOUI *Engineering Student at ESIREM.* *Computer Science Engineering School.* * * *Dijon ,FRANCE .*
