Since winbind uses ``base64'' encoding is it possible for squid and winbind
to only look at the username being presented and not ask for the password
therefore the password would not be transmitted in clear text?
Jim
Henrik
Nordstrom To: Jim_Brouse/PYT@PASCUAYAQUITRIBE.ORG
<hno@squid-cac cc: squid-users@squid-cache.org
he.org> Subject: Re: [squid-users] squid and ldap and active directory
03/19/2004
02:31 PM
On Fri, 19 Mar 2004 Jim_Brouse/PYT@PASCUAYAQUITRIBE.ORG wrote:
> I want to use squid and have users authenticate via their currently in
use
> active directory username and password, to do this do I need open ldap
> installed on the squid server?
You need the OpenLDAP libraries if you want to use the LDAP helpers for
Squid.
You do not need the OpenLDAP server or clients installed.
> Will the users be presented with an username/password box or will squid
use
> the curretly in use credentials of the user who is logged on?
LDAP is only possible in the Basic authentication scheme where the users
is asked for their login.
If you want to use automatic login then you need to use the NTLM scheme,
and here the recommended approach is to install Samba-3 and have the Squid
server join your windows domain. See the Squid FAQ on winbind for details.
Regards
Henrik
Received on Thu Apr 01 2004 - 14:50:01 MST
This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:01 MDT