This is an old revision of the document!
[gX:~] # /usr/local/etc/rc.d/samba stop [gX:~] # cat /etc/rc.conf … nmbd_enable="NO" smbd_enable="NO" winbindd_enable="YES" … [gX:~] # cd /usr/local/etc/
root@gX:~# /etc/init.d/samba stop root@gX:~# apt-get install winbind root@gX:~# cd /etc/samba
gX# cat smb.conf
[global] workgroup = ADX security = DOMAIN winbind use default domain = Yes
gX# net rpc join -U Administrator Administrators's password: Joined domain ADX
[gX:~] # /usr/local/etc/rc.d/samba start
root@gX:~# /etc/init.d/bind9 restart root@gX:~# /etc/init.d/winbind restart
gX# ntlm_auth --username=uX password: NT_STATUS_OK: Success (0x0)
[gX:~] # pkg_add -r squid [gX:~] # chown root:squid /var/db/samba/winbindd_privileged/ [gX:~] # cat /etc/rc.conf ... squid_enable=yes [gX:~] # rehash [gX:~] # squid -z [gX:~] # cd /usr/local/etc/squid
root@gX:~# apt-get install squid root@gX:~# cd /etc/squid
gX# rcsdiff squid.conf 211c211 < # auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --- > # for linux uncomment > # auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp > # for freebsd uncomment > # auth_param ntlm program /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp 644a645,647 > acl inetuser proxy_auth REQUIRED > http_access allow inetuser > # http_access allow localnet
[gX:~] # /usr/local/etc/rc.d/squid start
root@gX:~# /etc/init.d/squid restart
gX# ntlm_auth --username=uX --require-membership-of=ADX\\inet
[gX:~] # cat /etc/pam.d/sshd ... auth sufficient /usr/local/lib/pam_winbind.so auth required pam_unix.so no_warn try_first_pass
root@g15:~# apt-get install libpam-modules
root@gX:~# more /etc/pam.d/sshd ... auth sufficient pam_winbind.so # Standard Un*x authentication. ...