Hi Matthew,
I think you are a bit confused. AD offers a Kerberos and ldap service.
OpenDirecttory or eDirectory is just ldap and has nothing to do with
Kerberos (as far as I know). You can use AD, MIT Kerberos, Heimdal Kerberos
or any other Implementation (e.g. Solaris based) for authentication with
squid.
Regards
Markus
"Matthew Smith" <mps@xxxxxxxxxxx> wrote in message
news:AB612D11-33B4-442C-8779-3EA2EF75AABA@xxxxxxxxxxxxxx
Hi Amos,
Thanks for the reply, you have left me very confused, though. We are talking
about MIT's kerberos, right?
http://en.wikipedia.org/wiki/Kerberos_(protocol)
My understanding is that kerberos is a protocol for authentication, and
other directory services (like Mac OS X's OpenDirectory) support it as well
as AD.
Thanks for the link to the wiki, I had a quick look through, and I'll see if
I can get it going with AD as a test. Does anyone know if any other
directory services that implement Kerberos are supported? I'd like to see if
I can get it to work with OpenDirectory or maybe Novell eDirectory.
Thanks for the help!
Matt Smith
On 17/05/2010, at 1:57 PM, Amos Jeffries wrote:
On Mon, 17 May 2010 11:15:06 +1000, Matthew Smith <mps@xxxxxxxxxxx> wrote:
Hi!
I have been trying to find out some info on kerberos auth and squid, but
most of my searching points to setting up kerberos for single signon
with
windows AD. Are other directory services supported? If so, which? Also
does
anyone know of some good beginner style resources for setting up kerb
auth
with squid?
That would be because the protocol is a proprietary one by Microsoft.
Non-microsoft software would tend to lean towards other free alternatives.
Have you seen the wiki Kerberos pages?
http://wiki.squid-cache.org/ConfigExamples/Authenticate/Kerberos
Amos
