[Samba] Samba & Squid NTLM Auth
Deyan Stoykov
dstoykov at uni-ruse.bg
Wed Apr 13 04:20:47 MDT 2011
Tobias Meier wrote:
> Hi
>
> I'm using Samba/Winbind(ntlm_auth) to handle NTLM requests from a Squid
> proxy. Everything works fine with local PDC mode and also in domain member
> mode.
>
> There is only one thing which isn't very nice for end-users. If you try to
> surf over the authenticated proxy with a Windows client which is not member
> of the domain, the browser (problem only occurs with IE) will use hostname
> as domain name for NTLM authentication. So if you just enter username and
> password it will not work. You have to enter the whole domain\username (and
> of course password) combination.
>
> My question is, are there any methods to tell ntlm_auth or winbind to simply
> ignore domain, sent by client, and always use samba configured domain on the
> proxy host?
> (The "winbind use default domain" directive will only work if there is no
> domain given by the client)
>
> I'm using Samba 3.5.6 from FreeBSD ports on a fully updated FreeBSD 8.2.
Add this to smb.conf on the squid machine:
map untrusted to domain = yes
Regards,
Deyan
--
Deyan Stoykov, dstoykov at uni-ruse.bg
System administrator
Computing and Information Services Center
University of Ruse
More information about the samba
mailing list