Re: [squid-users] SOS with squid_ldap_auth !!

From: Kinkie <kinkie-squid@dont-contact.us>
Date: Fri, 17 Feb 2006 00:36:51 +0100

On Thu, 2006-02-16 at 15:14 -0500, Meyerovich Aleksandr EB_NY wrote:
> At last I got squid_ldap_auth with squid_ldap_group to authenticate and
> authorize against the MSAD.
> Thanks a lot for tips.
>
> What I ultimately would like to have is a situation when it only takes
> to match the group membership to get access to the Internet, and NO
> authentication is required. The userId accessing the Internet should be
> still recorded in the access.log
>
> Any suggestions on this?

You can do this if you use one of Microsoft's proprietary authentication
protocols, NTLM and AUTHENTICATE/GSSAPI/KERBEROS. Both will supported in
squid-3, only the former is available in squid-2.

See
http://squidwiki.kinkie.it/SquidFaq/ProxyAuthentication
http://squidwiki.kinkie.it/NTLMIssues
http://squidwiki.kinkie.it/NegotiateAuthentication

-- 
Kinkie <kinkie-squid@kinkie.it>
Received on Thu Feb 16 2006 - 16:37:03 MST

This archive was generated by hypermail pre-2.1.9 : Wed Mar 01 2006 - 12:00:03 MST