polloxx wrote: > I have a problem authenticating a squid server (on Debian Etch) > against ldap on a Win2000 AD with IP address 10.0.0.10: > > In the AD I have > - a domain: domain.com > - a group Users > - in that group I have a user Administrator with password aaa (and > full access), and a user squid with password bbb. > > I try to authenticate the squid user: > > # /usr/lib/squid/ldap_auth -d -R -b "ou=Users,dc=domain,dc=com" -D > "cn=Administrator,ou=Users,dc=domain,dc=com" -w "aaa" -h 10.0.0.10 > > I enter: > > squid bbb > > I get: > attempting to authenticate user 'uid=squid,ou=Users,dc=domain,dc=com' > ERR Success > > It should be an OK. I've been trying all kind of variations, no no > success so I'm despite. > Anyone who can help me? What am I doing wrong? > > Thank you. > P. > I'm not sure if LDAP only will work for authentication against Active Directory. AD uses kerberos so I'm not sure if this setup will work. I use squid to query AD but I use ntlm to accomplish this. This requires you to configure samba and winbind then use the ntlm helper in squid for authentication. If the machine is on the domain the browser will pass the authentication transparently. ~Cory Coager
