Time for action – configuring MSNT authentication
Configuring the MSNT authentication helper is quite easy and is done by modifying the /opt/squid/etc/msntauth.conf file. The default configuration file looks as follows:
# NT domain hosts. Best to put the hostnames in /etc/hosts. server myPDC myBDC myNTdomain # Denied and allowed users. Comment these if not needed. denyusers /opt/squid/etc/msntauth.denyusers allowusers /opt/squid/etc/msntauth.allowusers
We should replace myPDC (Primary Domain Controller), myBDC (Backup Domain Controller), and myNTdomain (Windows NT Domain) with values for our environment. We can add as many as five different domains in this configuration file.
Also notice the denyusers and allowusers directives. The denyusers directive specifies a file that contains all the usernames that must not be allowed to access our proxy server. The helper will not even bother to check the credentials of the usernames in this file.
The directive allowusers...
