On Thu, 2006-02-16 at 15:14 -0500, Meyerovich Aleksandr EB_NY wrote:
> At last I got squid_ldap_auth with squid_ldap_group to authenticate and
> authorize against the MSAD.
> Thanks a lot for tips.
>
> What I ultimately would like to have is a situation when it only takes
> to match the group membership to get access to the Internet, and NO
> authentication is required. The userId accessing the Internet should be
> still recorded in the access.log
>
> Any suggestions on this?
You can do this if you use one of Microsoft's proprietary authentication
protocols, NTLM and AUTHENTICATE/GSSAPI/KERBEROS. Both will supported in
squid-3, only the former is available in squid-2.
See
http://squidwiki.kinkie.it/SquidFaq/ProxyAuthentication
http://squidwiki.kinkie.it/NTLMIssues
http://squidwiki.kinkie.it/NegotiateAuthentication
-- Kinkie <kinkie-squid@kinkie.it>Received on Thu Feb 16 2006 - 16:37:03 MST
This archive was generated by hypermail pre-2.1.9 : Wed Mar 01 2006 - 12:00:03 MST