Re: [squid-users] SQUID Authenticating with Active Directory from Henrik Nordstrom on 2007-11-12 (squid-users)

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Tue, 13 Nov 2007 01:19:18 +0100

On mån, 2007-11-12 at 10:38 +0000, Gordon McKee wrote:
> Hi
>
> I was looking on the net to get squid to grant access to the internet if a
> user in active directory was in a certain group. I found out how to do this
> but I get the following error. Does someone have a better way around this?
> Also, if possble, I don't want to ask for a username and password.

http://wiki.squid-cache.org/ConfigExamples/WindowsAuthenticationNTLM

http://wiki.squid-cache.org/SquidFaq/ProxyAuthentication#head-1d6e24e071a1a5e65f112d9a96cdf1320684a8f2

> 1194696868.005 93 192.168.0.99 TCP_DENIED/407 1921 GET
> http://www.papercut.com/kb/Main/ConfiguringSquidProxyToAuthenticateWithActiveDirectory
> gdm NONE/- text/html
> squid_ldap_auth: WARNING, could not bind to binddn 'Strong(er)
> authentication required'

Your AD do not allow plain-text ldap logins. You may need to use SSL/TLS
(Note: requires a SSL cert to be installed on the AD server).

But not relevant if using Samba as desribed in the links above..

Regards
Henrik

application/pgp-signature attachment: This is a digitally signed message part

Received on Mon Nov 12 2007 - 17:19:24 MST

This archive was generated by hypermail pre-2.1.9 : Sat Dec 01 2007 - 12:00:02 MST