Thanks for the information.
I'm thinking about how am I going to deal with ACL's,
once I have configured the ntlm_auth helper.
I tested the MSNT module to connect the Squid 2.5 with
the Windows 2000 Active Directory, it works fine, but
when I create the Squid ACL's I have to specify the
users manually, for example:
acl foo proxy_auth lisa sarah frank joe
acl bar proxy_auth john rita mary
In a large network with hundreds of Active Directory
users, it will require a lot of administrative effort.
If I use the "ntlm_auth helper" that comes with Samba
3.0, there will be a way to specify an Active
Directory group container in an ACL, instead of typing
the user names ???
Thanks,
Edson
--- Diego Woitasen <diegows@linux.org.ar> escreveu:
> Use the ntlm_auth helper that comes with winbindd
> for that. See authentication section of Squid's FAQ
for more info.
>
>
>
> El sáb, 20-11-2004 a las 16:13, Edson Omori
> escribió:
>
> Hi,
> >
> > I´ve read through the mailing list and found that
> we
> > can use the squid_ldap_auth squid module, to
> > autenticate users against Active Directory using
> > squid.
> >
> > I have a testing lab here, a Windows 2000 server
> > domain controller, and a Fedora c1 linux box,
> squid
> > 2.5 running. I created two different groups in
> AD,
> > I´d like to have different ACL´s in squid for each
> > one of these groups.
> >
> > The server name is Win2kserver, the domain name
> is
> > Trisoft.net, the group names are test1 and test2.
> > How should I configure the "squid_ldap_auth"
> script
> > to use it in Squid to acomplish this ???
> >
> > Any help appreciated, thank you,
> > Edson (from Brazil, sorry for the poor english)
> >
> >
> >
> >
> >
> >
> >
>
_______________________________________________________
>
> > Yahoo! Acesso Grátis - Internet rápida e grátis.
> Instale o discador agora!
> http://br.acesso.yahoo.com/
>
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Received on Sun Nov 21 2004 - 13:56:20 MST
This archive was generated by hypermail pre-2.1.9 : Wed Dec 01 2004 - 12:00:01 MST