"Benedict simon" <simon@xxxxxxxxxxx> wrote in message
news:dde908b0d0e692cbfa0d7d7490dce7f2.squirrel@xxxxxxxxxxxxxxxxxxxxxxxxx
Dear Amos,
Thanks and really apprecite for ur quick reply
i will try the link and n check it out.
me too a novice in Ldap n not a professional in ADS
regards
simon
Benedict simon wrote:
Dear All,
i have squid Proxy server on Centos 5 working perfectly for a quite
sometime and now we would like to have squid authenticating with ADS for
more control .
so that only users that have logged into domain are asked allowed for
internet and others who dont log in have internet access denied but only
local network services avaliable.
i am not a professional in ADS so wd really apprecite your help
i have been googling arround and tried but was only able to authenticate
with squid by getting the popup window but not accept the password.
i would like plain text authentication since i guess its the easiest one
the setup
Centos 5
Squid stable 2.6
the domain is ADS WINDOWS 2003
Domain Name: baladia.local
computer name :kmun
jus cut and paste some squid entries .
auth_param basic program /usr/lib/squid/squid_ldap_auth -R -b
"dc=baladia,dc=local" -D "cn=Administrator,cn=Users,dc=baladia,dc=local"
-w "xxxx" -f sAMAccountName=%s -h 172.16.2.227
auth_param basic children 5
auth_param basic realm PROXY SERVER
auth_param basic credentialsttl 5 minutes
where xxxx is the administrtor password
172.16.2.227 is the IP address of the domain
will the above help me to authenticate user with ADS
when i log into the domain and user my browser the window pops up but
when
i enter the username and password it ask me the same dialog again
also if i dont log into domain its the same
the squid accesslog error is
1237471571.612 13 xx.xx.xx.xx TCP_DENIED/407 1761 GET
http://vcs2.msg.yahoo.com/capacity testuser
where testuser is the username on my domain
apprecite if someone can help me with example or some links with
examples
thanks and really wd apprecite your kinf help
http://wiki.squid-cache.org/ConfigExamples has a section for
authentication templates and how-tos.
I'm not clued up on LDAP or AD requirements so can;t help any further on
this.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE13
Current Beta Squid 3.1.0.6
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
--
Network ADMIN
-------------
KUWAIT MUNICIPALITY:
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
You could use squid_kerb_auth.
Regards
Markus