Kinkie wrote:
On Tue, 2006-01-24 at 14:23 -0200, Fernando Lujan wrote:
Hi all,
I'm researching a way to authenticate users using Samba or Ldap. There
problem is that I need to authenticate the users using group policies.
Which is the best alternative to implement this behavior?
Authenticate or authorize? As in: "yes, I the server trust that you are
really user foo\bar" or "yes, given that you are foo\bar you can access
url http://gazonk.com/";?
The former cannot be done via group policy, the latter can be. Not in
the "Group policy" sense, but rather in the "check group membership"
sense.
This is relevant because squid splits authentication from authorization.
The former can be done via samba's winbind or (if you're running on
windows using the LSA) or again via ldap against a domain controller,
the latter is better done via ldap. For the details on "how" please do a
search on this mailing-list - it's almost a FAQ.
Thanks Kinkie. I'm serarching for the authorization behavior. :)
I found a howto here http://workaround.org/moin/SquidLdap , and I'm
going to use it.
Fernando Lujan
