[squid-users] NTLM Auth without SAMBA

From: Flavio Borup <[email protected]>
Date: Tue, 27 Apr 2004 11:16:54 -0300

I'm really confused, please help me.

I want to make Squid 2.5 (most of the time on RH9) to verifiy if the
user was authenticated in a MS Domain
I have a customer with this feature, using fakeauth. In the Logs, the
names of the users are not important, the important, is: The user must
be an authenticated user. The Browser, also, must be configured to be
Proxy Client.

How can i compile Squid to support NTLM authentication?

Some oppinios are very differente and use differente ./configure
parameters, as we can see here:
Some use NTLMSSP, some uses fakeuauth, som uses both...

1st guy:
" I use: '--enable-ntlm-auth-helpers=NTLMSSP fakeauth no_check'

2nd guy
Here is my squid compile parameters:
--enable-ntlm-auth-helpers="fakeauth,no_check,SMB,winbind" \

3rd guy:
2. howto get NTLM authentication working
- download the source
- configure with (at a minimum) --enable-ntlm-authentication and
--enable-ntlm-auth-modules=NTLMSSP

Here the squid.conf of a custome wich succesfully authenticate user
before grant internet access

=== Sample ===
auth_param ntlm program /usr/local/squid/libexec/fakeauth_auth
DOMAIN/SERVERNAME
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes
acl DOM proxy_auth_regex -i DOMAIN\\
http_access allow DOM
http_access deny all
=== Sample ===
Received on Tue Apr 27 2004 - 08:23:06 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:02 MDT