Re: [squid-users] NTLM + LDAP auth - no pop-up password window

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Fri, 12 Mar 2004 19:36:44 +0100 (CET)

On Fri, 12 Mar 2004 mangoo@interia.pl wrote:

> I would like to set up Squid in a way, so that it would authenticate users
> against LDAP server (Active Directory), and do it in a transparent way for a user.
> In other words, so that no 'user + password' window pops-up if the user has
> already logged into a domain.

Tricky.. the only automatica authentication scheme is NTLM, and this
basically requires a NT Domain backend....

> What I achieved so far is that Squid authenticates against LDAP server (Active
> Directory), logs usernames into a logfile then etc.
>
> I couldn't find much documentation about NTLM + LDAP in Squid, and from what
> I've already read, I'm not sure.

You need to access the active directory as a NT Domain server. See the
Squid FAQ on using winbind for authentication.

> So: is it possible, using Squid, LDAP server, and a browser that supports NTLM,
> to authenticate user, so that no pop-up 'username + password' window shows up?

No, but it is fully possible to use Squid + Active Directory + a browser
that supports NTLM in such manner.

Regards
Henrik
Received on Fri Mar 12 2004 - 11:36:47 MST

This archive was generated by hypermail pre-2.1.9 : Thu Apr 01 2004 - 12:00:02 MST