Squid with NTLM -- groups from SAM_LOGON reply to squid?

Alexander Bokovoy a.bokovoy at sam-solutions.net
Fri Apr 25 14:50:46 GMT 2003

On Sat, Apr 26, 2003 at 12:20:17AM +1000, Andrew Bartlett wrote:
> > I'd like to have my squid with NTLM configured in a way that I can say
> > 
> > acl internet_user proxy_auth @nt-group
> > 
> > in /etc/squid.conf. No idea if this would be a correct syntax in a
> > squid extension, I have not looked at that yet. Would it be
> > possible/desired to return the group SIDs in the auth_crap (I love
> > this name :-)) response from winbind?
> We do, for Samba - in an info3 blob :-)
> If you would like to parse that info3 into a text format, to be put in
> the 'extra data' portion of the winbind reply, I would have no
> objections.
> That way, we can also have other apps reading this data, which I think
> would be a 'good thing'.  Just add another flag to the auth_crap
> request.
... And put it supported in ntlm_auth :)

/ Alexander Bokovoy
Beauty and harmony are as necessary to you as the very breath of life.

More information about the samba-technical mailing list