tor 2008-02-21 klockan 08:55 -0800 skrev Sheldon Carvalho:
> Hi, I was trying to setup squid on fc7. Version 2.6.STABLE16. I have a
> domain setup in win 2003 server with about 20 users (abcgroup.local),
> the IP address of the domain controller being 192.168.10.3. I have a
> group(abcgroup), which has 3 companys.(Cmp1, Cmp2, Cmp3) Now, I am
> setting all this up assuming I could use the squid_ldap_auth param to
> query the domain to authenticate the user without installing a ldap
> server on the DC. I tried to research on openLdap but I am not sure if
> I sould be using it on the win server.
Windows AD controllers normally do not allow plain-text authentication.
You need to install a SSL/TLS certificate on the AD server and tell
squid_ldap_auth to use SSL/TLS.
I would recommend using Samba winbind instead for talking to the domain.
Much easier to configure and as a bonus you get NTLM (and possibly even
Kerberos) support.
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Sat Mar 01 2008 - 12:00:05 MST