I've just built a squid 2.5 proxy server running on Gentoo Linux with Samba
3 that succesfully does NTLM authentication against our Windows 2000 AD for
both user and group authentication.
The documentation on this isn't great, particularly on the Samba side - the
biggest problems I had was not realising I needed Samba 3 in order to do AD
(as opposed to NT) authentication, and not realising I had to set Domain
Logons in smb.conf to NO in order to succesfully do group lookups. Once its
up, it works fine though.
-----Original Message-----
From: jonathan_hughes@goodyear.co.za
[mailto:jonathan_hughes@goodyear.co.za]
Sent: 08 December 2003 07:18
To: robertc@squid-cache.org
Cc: Dave Augustus; Squid Users
Subject: Re: [squid-users] Squid versus Microsoft ISA - Query RE: Squid
Reporting and NT Authentication
List,
we are an MS ISA shop that has no problem/bias testing or using Squid - and
may go that way:
My querys are:
(1) Can you Squid pro's advise me on the reporting options avaliable to
Squid. I demo'd Squid last week Friday to management and they wanted to
know what reporting options Squid offered. I had been so caught up in the
tech of setting up Squid that I had not checked this before the meeting. It
is not a train smash - any advice on third party tools/options?
(2) If I have my Squid server setup as a single primary parent cache server
in a fully Microsoft Domain based network - CAN I authenticate my Squid
users via Samba etc. and are there support documents avaliable for this. I
run Squid2.5 on Red Hat 9. The domain controllers are all pure MS
BDC/PDC's. Our setup is quite simple. SAMBA documentation suggests that
this is only possible if the PDC/BDC's areLinux boxes. Looks as if this
functionality is not yet built into SAMBA 3.0.0. Any advice/leads?
Your responses as always will be appreciated.
Thank you,
Jonathan Hughes
Tech Support Specialist
Goodyear South Africa
Robert Collins
<robertc@squid-c To: Dave Augustus
<davea@support.kcm.org>
ache.org> cc: Squid Users
<squid-users@squid-cache.org>
Subject: Re: [squid-users]
Squid versus Microsoft ISA
2003/12/05 10:57
PM
On Fri, 2003-12-05 at 02:41, Dave Augustus wrote:
> Hello All,
>
> Realizing that most on this list are biased against Microsoft, I am
> asking you to put your biases aside and answer this question:
>
> Why should I as a manager consider using Squid over Microsoft ISA in an
> (almost) entirely Microsoft shop if neither solution is deployed yet?
Additionally, I'd like to add that
*) squid runs on NT (many thanks to Guido who maintains the native port)
*) squid is considerablly more tunable than ISA's proxy facilities.
*) I don't think it's fair to say that 'most on this list' are biased
against Microsoft. The list is here for folk who use squid, and many
(I'd have to say 90+%) support or interoperate with Microsoft
clients/servers and the like.
Rob
-- GPG key available at: <http://www.robertcollins.net/keys.txt>. *********************************************************************************** This e-mail may constitute privileged information. If you are not the intended recipient, you have received this confidential email and any attachments transmitted with it in error and you must not disclose, copy, circulate or in any other way use or rely on its information. The contents of this email are those of the individual and do not necessarily represent the views of the company. The company does not conclude contracts by email and all negotiations are subject to contract. ************************************************************************************Received on Mon Dec 08 2003 - 07:57:23 MST
This archive was generated by hypermail pre-2.1.9 : Thu Jan 01 2004 - 12:00:06 MST