"Manoj Rajkarnikar" <manoj.rajkarnikar@xxxxxxxxx> wrote in message news:AANLkTinGXTOwX+AysRVGoasEiqRS1qrMX2VYM8t5i3Aj@xxxxxxxxxxxxxxxxx
Hi all. I've been trying to setup this squid box with authentication to AD 2003 server. The need in our situation is to allow the workstation allow access to internet and not the user since the users are always moving from station to station. I've already setup kerberos authentication successfully. I've searched through the list for any thing related to authorizing computer account but found none..
Why do you want to limit the computer not the user ? I assume the user login to the stations with their credentials, so moving stations should not be an issue or ?
I'm not very familiar with ldap queries. any help would be greatly appreciated.. i'm trying to use squid_kerb_ldap for ldap authorization...
squid_kerb_ldap will connect to AD and determines if a user is a member of an AD group. The connection to AD is authenticated using the Kerbeors key from the squid keytab file and the AD server is found by using SRV DNS records which are usually defined in a Windows environment with AD.
Thank you very much for your help. Regards Manoj
