Search squid archive

Squid, Samba3 and winbind with NTLM authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I am using Squid, Samba3 and winbind with NTLM authentication with a
proper configuration for samba, krb5.conf and squid.conf as follows:
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes

The solution works great for computers who are joined to Active
Directory domain however i have a couple of questions regarding
clients that are NOT joined:

1- a NON-joined client using IE will have to logon using
realm/username and passwd. Is there a way to make him authenticate
with only his username and passwd ?
NB:It works fine with other browsers such as Firefox.

2- If you use IE with this NTLM auth (on an NON-joined pc) and select
the 'save password' checkbox the password gets stored in the registry
as if it was for a network location. To delete the record you will
have to run
"rundll32.exe keymgr.dll, KRShowKeyMgr"
This is causing real problems to users. Have you encountered this? and
were you able to figure a way out?

Thanks again,
Samerk

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux