Re: [squid-users] cannot auth win 2003 users with squid ldap_auth

From: Henrik Nordström <henrik@dont-contact.us>
Date: Mon, 25 Feb 2008 03:32:41 +0100

tor 2008-02-21 klockan 08:55 -0800 skrev Sheldon Carvalho:
> Hi, I was trying to setup squid on fc7. Version 2.6.STABLE16. I have a
> domain setup in win 2003 server with about 20 users (abcgroup.local),
> the IP address of the domain controller being 192.168.10.3. I have a
> group(abcgroup), which has 3 companys.(Cmp1, Cmp2, Cmp3) Now, I am
> setting all this up assuming I could use the squid_ldap_auth param to
> query the domain to authenticate the user without installing a ldap
> server on the DC. I tried to research on openLdap but I am not sure if
> I sould be using it on the win server.

Windows AD controllers normally do not allow plain-text authentication.
You need to install a SSL/TLS certificate on the AD server and tell
squid_ldap_auth to use SSL/TLS.

I would recommend using Samba winbind instead for talking to the domain.
Much easier to configure and as a bonus you get NTLM (and possibly even
Kerberos) support.

Regards
Henrik

Received on Sun Feb 24 2008 - 19:36:59 MST

This archive was generated by hypermail pre-2.1.9 : Sat Mar 01 2008 - 12:00:05 MST