[Samba] winbindd: Exceeding 200 client connections, no idle connection found

Elvar elvar at elvar.org
Tue Jun 3 03:07:11 GMT 2008

Jason Haar wrote:
> Elvar wrote:
>> I meant to respond to this a long time ago and I'm sorry for the 
>> delay. Yes, I'm using NTLM to authenticate the users to Active 
>> Directory requiring specific group membership. If the users don't 
>> belong to group "Internet Access" they are denied out. I can stomach 
>> the lack of encryption, but with basic proxy auth can they still 
>> authenticate to AD?
> Absolutely. There is no difference in Squid's ntlm_auth functionality 
> between choosing Basic or NTLM/Negotiate. ie you can still do 
> group-based access controls using Basic.

Ok, I set this up using only basic and not NTLM and the problem I'm 
seeing is that it prompts the users for their credentials instead of 
passing automatically in the background. With NTLM they don't have to 
type in their username and password which is what I need. They will 
never be ok with having to type in their creds all the time. I'm 
guessing I'm stuck with NTLM then?


More information about the samba mailing list