Henrik Nordstrom wrote:
> On Fri, 12 Mar 2004 mangoo@interia.pl wrote:
>>So: is it possible, using Squid, LDAP server, and a browser that supports NTLM,
>>to authenticate user, so that no pop-up 'username + password' window shows up?
>
>
> No, but it is fully possible to use Squid + Active Directory + a browser
> that supports NTLM in such manner.
OK.
Here's my setup:
[Squid-192.168.1.1]---[Active Directory-192.168.1.2]
and a network of 192.168.1.* attached to it, with NTLM enabled browsers
attached to it.
Currently everyone is authenticated through squid_ldap_auth first, then
squid_ldap_group, so that everyone could match his/her own acl.
User+pass windows pops up.
In order to get rid of that pop-up windows:
1) Does that mean that I have to install Samba on Squid machine?
2) Does that mean, that I have to remove squid_ldap_auth from the config
file, as authentication would be done by Samba?
3) Does that mean, that squid_ldap_group can stay, as I need to match
each ldap-group with respective acl?
What I also think, this all ldap_auth, ldap_group, NTLM stuff is *very*
poorly documented, especially when one wants to make them work together.
This means, that instead of wasting a couple of days, one coul do it in
a few hours, if there was decent documentation describing it.
I could write it, with examples, screenshots etc. as soon as I have NTLM
working.
So far, I have ldap_auth and ldap_group.
What do you think?
-- T.
Received on Mon Mar 15 2004 - 13:05:25 MST
This archive was generated by hypermail pre-2.1.9 : Thu Apr 01 2004 - 12:00:02 MST