Squid with NTLM -- groups from SAM_LOGON reply to squid?
Andrew Bartlett
abartlet at samba.org
Fri Apr 25 14:20:17 GMT 2003
On Sat, 2003-04-26 at 00:14, Volker Lendecke wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi!
>
> I'd like to have my squid with NTLM configured in a way that I can say
>
> acl internet_user proxy_auth @nt-group
>
> in /etc/squid.conf. No idea if this would be a correct syntax in a
> squid extension, I have not looked at that yet. Would it be
> possible/desired to return the group SIDs in the auth_crap (I love
> this name :-)) response from winbind?
We do, for Samba - in an info3 blob :-)
If you would like to parse that info3 into a text format, to be put in
the 'extra data' portion of the winbind reply, I would have no
objections.
That way, we can also have other apps reading this data, which I think
would be a 'good thing'. Just add another flag to the auth_crap
request.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030426/b45c2c9a/attachment.bin
More information about the samba-technical
mailing list