RE: [squid-users] LDAP & Novell

From: Matt Kehler <mkehler@dont-contact.us>
Date: Wed, 11 Dec 2002 22:54:06 -0600

FYI, to enable clear text in Novell LDAP..click on the LDAP object in
NDS...click 'enable clear text', and hit OK...so it should be somewhat
easy, don't let them tell you otherwise :)

SSL....now that may prove to be slightly harder...

Matt

>>> "Jay Turner" <jturner@bsis.com.au> 12/11/02 19:59 PM >>>
Thanks for the clarification Henrik.

Next steps for me:

a) Configuring NDS with clear-text first if possible just to prove that
this
will all work.
b) Getting the 2.6 helpers and compiling squid_ldap_auth there for use
with
Squid2.5-STABLE2
c) Getting a Novell guy to come in and assist in setting up the SSL
certs
etc on the Novell side.

I'll keep you all posted

Regards
Jay

-----Original Message-----
From: Henrik Nordstrom [mailto:hno@squid-cache.org]
Sent: Thursday, 12 December 2002 9:21 AM
To: jturner@bsis.com.au; G Welter
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] LDAP & Novell

On Thursday 12 December 2002 02.01, Jay Turner wrote:

> Obviously TLS is the correct option here.
> Henrik when you say the current helper, are you referring to the
> one in Squid2.5-STABLE2? Is the TLS support offered in
> Squid2.4-STABLE7? I'll guess no.

By current I refer to the current Squid-2.5 snapshots.

I do not remember which capabilities the version shipped in
2.4.STABLE7 has.

> You also have (patched), does this mean that the standard
> "out-of-the-box" helper requires additional patching to make it
> work correctly with TLS?

Checking.. actually I refer to the version in Squid-2.6 or later
here.. should probably backport this to Squid-2.5. Thought this had
been done but this is only the case for the group helper.

Note: the helper sources from Squid-2.6 or later can be used just fine
with Squid-2.5.

> Has an FAQ or how-to been created for this process yet? Am I the
> only one that has experienced this (or is it due to my lack of
> Novell knowledge? Are Novell users are already aware of all these
> issues?)

You are welcome to write a FAQ entry with your experiences, preferably
based on Squid-2.5.

> So, the next steps... what is now required is a version of the
> squid_LDAP helper that supports TLS, an SSL certificate on the
> Novell server, and TLS support on the Squid server (what exactly
> does this entail? just the squid_LDAP helper?)

TLS support on the Novell server. Squid does not need to know about
TLS. Only the LDAP helper and your Novell NDS server.

Regards
Henrik
Received on Wed Dec 11 2002 - 22:08:27 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:03 MST