For some time I have a problem with the following:
I have an Active Directory domain with several computers.I have made group in AD for AD users who should be allowed to access internet. I have configured Squid proxy server to authenticate users based on their AD membership,but one thing is missing:the users,when starting their web browsers,have to enter username/password (domain one).It is embarrassing to them,although they can click OK and use stored passwords...I know that it is possible to configure Squid with Kerberos,so that the credentials of AD user logged on machine are used,and it is completely transparent top user,no prompt for username/password.
If you can help me,please explain which services needs to be configured (samba,kerberos?).Please do not post if you haven't already done it by yourself,because I have read tons of how-to's and they don't work...Thanks!