Currently I am using NTLM Authentication (with winbindd) to authenticate
users accessing the internet. This works pretty good after the initial
setup, however there are nuances like once the DC is restarted or loses
connectivity you need to restart the squid server (or winbindd) to get up
and running again.
My question is whether LDAP is a better option? Will using LDAP require a
user to login to access the internet? The thing I like about NTLM is it
using the currently logged on credentials so the users doesn't need to
login. I assume that by using LDAP I wont need to reboot the squid server if
the connection to the DC is temporarily lost? It would also be nice to
restrict users based on their AD group which I will be able to do with LDAP.
Any opinions are appreciated, as well as any guides people may have.
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.405 / Virus Database: 268.12.3/446 - Release Date: 9/12/2006
