Hi,
At 15.50 10/05/2005, Discussion Lists wrote:
Hi All, I am running into a curious problem that I was hoping you all would be able to help me with. I am troubleshooting a problem with a squid config where squid authenticates proxy users against active directory using NT authentication (re: NOT LDAP) and that machine isn't joined to the domain at all. It doesn't work now, but they insist it did work.
This is correct, but with many limitations:
- The AD domain must have "Pre-Windows 2000 Compatible Access" enabled
- The AD domain policies must don't activate any security policy regarding traffic signing
- You must use SMB NTLM authenticator or MSNT basic authenticator
- You cannot check group membership
- NTLMv2 cannot be supported
Does anyone have docs on how to get squid to auth users without being joined to the domain first?
See any docs about SMB and MSNT.
Regards
Guido
- ======================================================== Guido Serassio Acme Consulting S.r.l. - Microsoft Certified Partner Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY Tel. : +39.011.9530135 Fax. : +39.011.9781115 Email: guido.serassio@xxxxxxxxxxxxxxxxx WWW: http://www.acmeconsulting.it/
