ons 2006-12-20 klockan 15:18 +0100 skrev Reale Marco:
> I'd like to test the same "topology" using a linux machine and reading
> squid doc I have understood that this is possible using a version of
> Samba > 3.02 (that support ntlmv2) and "ntlm_auth"
> This sounds good and support ntlmv2 BUT require the join to the domain
Yes, and so does Windows..
> Now I have 3 questions:
> 1)Ldap auth
> I have some devices like "fortigate800", "hp printers" etc...that
> support ldap authentication and obviously this devices are not joined to
> the domain but they simply query mine domain controller;
Yes. And so can Squid if you prefer. See the squid_ldap_auth basic auth
helper.
> Does it work correctly? What are cons? Is it what I need or are there
> better solutions?
Setting up LDAP authentication is a bit harder for the novice admin as a
lot of how MSAD exposes itself in the LDAP interface isn't very obvious
using the default MS admin tools.
Also only basic (plain text) authentication is possible via LDAP. For
NTLM authentication you need to be joined to the domain somewhere..
> 2) Firefox and ntlm support
> Does Firefox support ntlmv2 both in windows and linux?
I am told it does. But have no AD environment..
> 3) Firefox and wpad
> I saw that firefox doesn't support wpad (that is wonderful in my
> opinion); how is possibile? Why firefox developers doesn't add wpad
> support both on windows and linux?
Firefox supports WPAD using DNS.
It does not support the DHCP WPAD option as access to DHCP options is
generally not available to Firefox when running under Linux.
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Mon Jan 01 2007 - 12:00:01 MST