We have a mixed 2k -> 2k8r2 environment. Currently I am using ntlm_auth and Samba for the 2k machines, and squid_kerb_auth/squid_ldap_auth for the newer machines to manage access based on AD group membership. Do I understand correctly that if I use squid_kerb_ldap with the -N I can provide group authentication for Kerb and NTLM based clients without an ldap bind account for our AD ldap server that does not accept anonymous binds? Thanks, jlc
