I have one question (issue) and I hope that you can help me.
Kerberos authentication works perfectly fine when the PC is connected to Domain and the user is authenticated.
auth_param negotiate program /usr/local/libexec/squid/negotiate_kerberos_auth -r -d -k /usr/local/etc/squid/squidproxy.keytab
What I try to achieve is to authenticate the user with his AD credentials when the PC is not on DOMAIN.
auth_param basic program /usr/lib/squid/squid_ldap_auth -v 3 -b "dc=yourcompany,dc=com" -D uid=some-user,ou=People,dc=yourcompany,dc=com -w password -f uid=%s ldap.yourcompany.com
I can do that with LDAP, but only if I disable (in config) Kerberos on Squid.
Somehow Kerberos and LDAP config don't work together.
Error that I getting in the log is :
LDAP ERROR: Negotiate Authentication validating user. Result: {result=BH, notes={message: received type 1 NTLM token; }}
On the other side, Kerberos is working fine.
I would really like to have your input on it
Thanks
Kerberos authentication works perfectly fine when the PC is connected to Domain and the user is authenticated.
auth_param negotiate program /usr/local/libexec/squid/negotiate_kerberos_auth -r -d -k /usr/local/etc/squid/squidproxy.keytab
What I try to achieve is to authenticate the user with his AD credentials when the PC is not on DOMAIN.
auth_param basic program /usr/lib/squid/squid_ldap_auth -v 3 -b "dc=yourcompany,dc=com" -D uid=some-user,ou=People,dc=yourcompany,dc=com -w password -f uid=%s ldap.yourcompany.com
I can do that with LDAP, but only if I disable (in config) Kerberos on Squid.
Somehow Kerberos and LDAP config don't work together.
Error that I getting in the log is :
LDAP ERROR: Negotiate Authentication validating user. Result: {result=BH, notes={message: received type 1 NTLM token; }}
On the other side, Kerberos is working fine.
I would really like to have your input on it
Thanks
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
