Search squid archive

AD authentiction with squid

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dear All,


i have squid Proxy server on Centos 5 working perfectly for a quite
sometime and now we would like to have squid authenticating with ADS for
more control .
so that only users that have logged into domain are asked allowed for
internet and others who dont log in have internet access denied but only
local network services avaliable.
i am not a professional in ADS so wd really apprecite your help
i have been googling arround and tried but was only able to authenticate
with squid by getting the popup window but not accept the password.
i would like plain text authentication since i guess its the easiest one

the setup

Centos 5
Squid stable 2.6

the domain is ADS WINDOWS 2003
Domain Name: baladia.local
computer name :kmun

jus cut and paste some squid entries .


auth_param basic program /usr/lib/squid/squid_ldap_auth -R -b
"dc=baladia,dc=local" -D "cn=Administrator,cn=Users,dc=baladia,dc=local"
-w "xxxx" -f sAMAccountName=%s -h 172.16.2.227
auth_param basic children 5
auth_param basic realm PROXY SERVER
auth_param basic credentialsttl  5 minutes

where xxxx is the administrtor password
172.16.2.227 is the IP address of the domain

will the above help me to authenticate user with ADS

when i log into the domain and user my browser the window pops up but when
i enter the username and password it ask me the same dialog again

also if i dont log into domain its the same

the squid accesslog error is

1237471571.612     13 xx.xx.xx.xx TCP_DENIED/407 1761 GET
http://vcs2.msg.yahoo.com/capacity testuser

where testuser is the username on my domain

apprecite if someone can help me with example or some links with examples

thanks and really wd apprecite your kinf help


if any more queries are required i be most grateful to forward them to you



regards


simon








-- 
Network ADMIN
-------------
KUWAIT MUNICIPALITY:


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux