Configuring a Squid Server to authenticate off Active Directory

By Adrian Chadd

Warning: Any example presented here is provided “as-is” with no support or guarantee of suitability. If you have any further questions about these examples please email the squid-users mailing list.

Basic Concepts

In this example, a Squid installation will use the Samba ntlm_auth helper to authenticate against an Windows Active Directory. The server will be joined to the Active Directory domain and other services can use the ntlm_auth helper to authenticate users (but be out of the scope of this document.)


  • Windows Server 2003 AD
  • Ubuntu Dapper installation
  • Squid-2.6
  • Kerberos 5
  • Samba + Winbind
  • NTP server running on AD controller

Packages to install

  • samba (3)
  • ntp-server (Kerberos requires time-synchronised machines)
  • krb5-doc, krb5-config, krb5-user, libkerb53, libkadm55 (Kerberos related user libraries)
  • winbind



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s