Squid with NTLM -- groups from SAM_LOGON reply to squid?
Alexander Bokovoy
a.bokovoy at sam-solutions.net
Fri Apr 25 14:50:46 GMT 2003
On Sat, Apr 26, 2003 at 12:20:17AM +1000, Andrew Bartlett wrote:
> > I'd like to have my squid with NTLM configured in a way that I can say
> >
> > acl internet_user proxy_auth @nt-group
> >
> > in /etc/squid.conf. No idea if this would be a correct syntax in a
> > squid extension, I have not looked at that yet. Would it be
> > possible/desired to return the group SIDs in the auth_crap (I love
> > this name :-)) response from winbind?
>
> We do, for Samba - in an info3 blob :-)
>
> If you would like to parse that info3 into a text format, to be put in
> the 'extra data' portion of the winbind reply, I would have no
> objections.
>
> That way, we can also have other apps reading this data, which I think
> would be a 'good thing'. Just add another flag to the auth_crap
> request.
... And put it supported in ntlm_auth :)
--
/ Alexander Bokovoy
---
Beauty and harmony are as necessary to you as the very breath of life.
More information about the samba-technical
mailing list