Boniforti Flavio wrote:
> Hello (again) list!
> I have to set up authentication on our squid box, and the first thing
> I'm in doubt of is which kind of authentication best suits my needs.
> Personally, I'd like to get users authenticated using the same
> credentials they use to log on to Windows (which means using an
> authentication scheme against Active Directory, don't know it's name,
> tough!). So, in this case, what would I need? How should I set things up?
> My boss, instead, would like to have our users to type user/pass
> keypairs everytime the open for the first time their browsers. This
> would lead to a second "user database", I guess, which would be
> separated from Windows' Active Directory. What authentication and
> setup would best suit in this latter case?
>
> Thank you for your suggestions...
>
use winbindd. Info is at
http://www.squid-cache.org/Doc/FAQ/FAQ-23.html#ss23.5
setup for basic only to be prompted with a box for user/pass. This will
make the boss happy and uses the same AD logins. Although you can cache
this locally on the PC so users will just click ok to the info that
they've saved. Won't really slow them down much but they'll know it's
being authenticated. Although I think XP won't even show you hte box
if you've saved the info but I'm not definate.
I think LDAP can be used in AD environment for basic only but not sure
again, never done that. You'll need to search the FAQ
setup for NTLM to pass the user/passwd transparently. also setup for
basic in this case to allow non IE stuff to work as well.
Billy
Received on Mon Aug 30 2004 - 10:35:03 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Sep 01 2004 - 12:00:03 MDT