Currently I have configured squid with kerberos and sso 3.3.3 for all computers in the domain and working great. Now, I have to configure a domain computer so they can use many users with free access to internet, but I want them controlled. Then, I want the browser from that MAC user and password request for each user you want to browse. As I can force from the MAC to leave the username and password popup asking? The pc will enter with a generic user domain. This is my setup: auth_param negotiate program /usr/local/bin/negotiate_wrapper --ntlm /usr/bin/ntlm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp --domain=DOMAIN --kerberos /usr/local/bin/squid_kerb_auth -i -r -s GSS_C_NO_NAME auth_param negotiate children 100 auth_param negotiate keep_alive on auth_param ntlm program /usr/bin/ntlm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp --domain=DOMAIN auth_param ntlm children 50 auth_param ntlm keep_alive off auth_param basic program /opt/squid33/libexec/basic_ldap_auth -R -b "dc=domain,dc=com" -D user@xxxxxxxxxx -W /opt/squid33/etc/ldappass.txt -f sAMAccountName=%s -h server.domain.com auth_param basic children 30 auth_param basic realm Proxy auth_param basic credentialsttl 1 minute acl users proxy_auth REQUIRED . . . . .
