[gate:~] # /usr/local/etc/rc.d/samba stop

[gate:~] # cat /etc/rc.conf
…
nmbd_enable="NO"
smbd_enable="NO"
winbindd_enable="YES"
…

[gate:~] # cd /usr/local/etc/

root@gate:~# /etc/init.d/samba stop

root@gate:~# stop nmbd
root@gate:~# stop smbd

root@gate:~# apt-get install winbind

root@gate:~# cd /etc/samba

gate# cat smb.conf 

[global]
        workgroup = ADCORPX
        security = DOMAIN
        winbind use default domain = Yes

gate# net rpc join -U Administrator
Administrators's password: 
Joined domain ADCORPX

[gate:~] # /usr/local/etc/rc.d/samba start

root@gate:~# /etc/init.d/bind9 restart

root@gate:~# /etc/init.d/winbind restart

gate# ntlm_auth --username=user
password: 
NT_STATUS_OK: Success (0x0)

[gate:~] # pkg_add -r squid

[gate:~] # chown root:squid /var/db/samba/winbindd_privileged/

[gate:~] # cat /etc/rc.conf
...
squid_enable=yes

[gate:~] # rehash
[gate:~] # squid -z

[gate:~] # cd /usr/local/etc/squid

root@gate:~# apt-get install squid

root@gate:~# cd /etc/squid

gate# rcsdiff squid.conf
211c211
< #     auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
---
> # for linux uncomment
> # auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
> # for freebsd uncomment
> # auth_param ntlm program /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
644a645,647
> acl inetuser proxy_auth REQUIRED
> http_access allow inetuser
> # http_access allow localnet

[gate:~] # /usr/local/etc/rc.d/squid start

root@gate:~# /etc/init.d/squid restart

gate# ntlm_auth --username=user --require-membership-of=ADCORPX\\inet

[gate:~] # cat /etc/pam.d/sshd
...
auth       sufficient      /usr/local/lib/pam_winbind.so
auth       required        pam_unix.so             no_warn try_first_pass

root@gate:~# apt-get install libpam-modules

root@gate:~# more /etc/pam.d/sshd
...
auth       sufficient  pam_winbind.so
# Standard Un*x authentication.
...