[squid-users] Question about squid authenticators

From: Reale Marco <Marco.Reale@dont-contact.us>
Date: Wed, 20 Dec 2006 15:18:18 +0100

Actually I have squidnt 2.6 on windows 2003 and all works correctly
using "mswin_check_lm_group.exe". Ntlmv2 is also configured on mine
domain controller and clients use wonderful wpad

I'd like to test the same "topology" using a linux machine and reading
squid doc I have understood that this is possible using a version of
Samba > 3.02 (that support ntlmv2) and "ntlm_auth"
This sounds good and support ntlmv2 BUT require the join to the domain

Now I have 3 questions:
1)Ldap auth
I have some devices like "fortigate800", "hp printers" etc...that
support ldap authentication and obviously this devices are not joined to
the domain but they simply query mine domain controller; example: user
insert his username/password in hp printers and they are able to print.
Because I would like configure squid in the same way I searched on
google that produced this interesting link
(http://papercut.biz/products/ng/manual/apdx-proxy-squid.html) that
explain "Squid authentication with LDAP / Active Directory"
Thus if I have correctly understood this is my case but because most of
docs I founded were related to samba I have some doubt about it....
Does it work correctly? What are cons? Is it what I need or are there
better solutions?

My configuration should be like this:
Internet explorer (ntlm)---->squid----(ldap query with rules)---->Active
Directory Dc
                                                        but no ad join

2) Firefox and ntlm support
Does Firefox support ntlmv2 both in windows and linux?

3) Firefox and wpad
I saw that firefox doesn't support wpad (that is wonderful in my
opinion); how is possibile? Why firefox developers doesn't add wpad
support both on windows and linux?

Thanks
Marco
Italy
Received on Wed Dec 20 2006 - 07:18:24 MST

This archive was generated by hypermail pre-2.1.9 : Mon Jan 01 2007 - 12:00:01 MST