In the man page of ntlm_auth, the helper program Squid uses for ntlmssp authentication, it states that Squid needs to have the correct permissions on the winbindd_privileges in order for it to authenticate: "Requires access to the directory winbindd_privileged in $LOCKDIR." I can't seem to figure out what to set it to. I am under the impression that Squid runs as user squid and group nobody. When I change the group on the directory to nobody, it still cannot authenticate: Login for user [DOMAIN]\[user]@[XXXXX] failed due to [winbind client not authorized to use winbindd_pam_auth_crap. Ensure permissions on /var/lib/samba/winbindd_privileged are set correctly.] When I change the directory permissions to 755, making it world readable, it works, however this is not secure. Does anyone know what to set this to so that Squid can access it without it being world readable? What group do I need to set it to? Thanks, Anthony Simonelli -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org