The Apache module mod_auth_ntlm_winbind uses the program originally developed for Squid, ntlm_auth, for authentication, and so one of its requirements is a Samba server installation in which the server itself is a member of an Active Directory domain. ntlm_auth uses winbind and therefore offers smooth integration into an existing Active Directory.

The module has three methods available for authentication: NTLM, Negotiate (SPNEGO), and the Basic authentication. In Summer 2007 there were still problems with Negotiate. Developed originally for a proxy, the method did not quite fit the needs of a Web server and therefore was not used. At the time of writing, NTLM and Basic authentication remain, but this ...