Dhruv Ahuja wrote: > Hi All > > I am successfully using NTLM authentication in my Fedora 8 Squid and > Windows 2003 Active Directory environment. > > With NTLM in place, the usernames appear to be in the form of > DOMAIN\username, which prevents me for being able to use them in any > LDAP filter within squid.conf to determine, let's say, users' OUs. I'd > rather use OUs to identify the group of people than Windows Groups. > The Windows Group Policy in place is working that way (on OUs). > > I have tried "winbind use default domain = yes" in smb.conf but that > doesn't help. "winbind use default domain = yes" should remove the requirement of DOMAIN\username. Does "/usr/bin/ntlm_auth --username=username" work? > > Everything was working fine in a pure LDAP implementation earlier. > Except the annoying password prompt window at browser startup! So, I > have now switched to NTLM and no longer face that issue. > > All I need now is to keep the usernames of the format "username" > rather than "DOMAIN\username" to get my LDAP filter, or any LDAP > filter at all, working. > > Any ideas? > > Thanks > > -- Dhruv
