Did someone ever encounter a problem with:
Fedora 15 + Samba (samba-3.5.8-68.fc15.1.x86_64) + Squid (squid-3.1.14-1.fc15.x86_64) basic authentication through AD?
NTLM authentication works fine, but i wanted the basic authentication to work also.
Here's what's happening now:
If the user signed in to the computer and uses internet explorer or firefox, browsers are not asking for any username/password at all. That is NTLM authentication should work, and it is working.
But I don't like this setup, because every computers on the network are not owned by any individual, i mean a lot of users are also using every computers not just one. And instead of logging out with the current account and other user sign in to use the computer to browse, this is where basic authentication will come in.
Meaning i will removed the NTLM(/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp) entry on the squid.conf file and just leave the basic (/usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic).
Now who ever signed in to the computer, and who ever wants to use the browser and go to the Internet, it will prompt for a username/password and still winbindd should be able to authenticate that account on AD.
But this is not working..i don't know if this is a bug with fedora15, samba or squid. The browser keeps on asking the username/password even though you are entering the correct one.
I read a lot about winbindd_privileged issue (even non fedora related linux), to comment the cache_effective_group in squid.conf and changed the group(wbpriv) of this folder to squid, but that did not solve the problem.
Via the command prompt of the Fedora linux, all test to make sure you are connected to AD are all working, it even validates a username/password.
I have an older Fedora 10 and Fedora 11(4 servers) currently having this setup and it is working fine. But I wanted to upgrade the old server to a new fedora server/machine.
Any help would be greatly appreciated.