[Samba] Samba & Squid NTLM Auth

Tobias Meier schlittae at bluewin.ch
Wed Apr 13 14:47:05 MDT 2011

Deyan Stoykov wrote:
> Add this to smb.conf on the squid machine:
> map untrusted to domain = yes
> Regards,
> Deyan

The parameter seems not to work. I tried it with samba 3.4.9 on the FreeBSD
machine and 3.5.4 on a Ubuntu machine.

I can't authenticate with ntlm_auth without giving the domain prefix before
the username.
I also tried it with wbinfo -a <somestring>\\vailduser and it give me "error
code was NT_STATUS_NO_SUCH_USER (0xc0000064)", with domain\\vailduser it
works. (wbinfo must also work?)

My samba operates as a domain member of an W2008r2 DC. If I use a windows
client to authenticate via NTLM directly to the DC I can use

Maybe there is something wrong with my samba configuration?

  winbind enum users = Yes
  winbind enum groups = Yes
  winbind use default domain = Yes
  map untrusted to domain = yes
  idmap uid = 10000-20000
  idmap gid = 10000-20000
  realm = DOMAIN.LAN
  password server = dc.domain.lan
  security = ads
  workgroup = DOMAIN
  netbios name = samba
  server string = samba


More information about the samba mailing list