Re: [squid-users] authenticating against Win2000 AD

From: Cory Coager <ccoager@dont-contact.us>
Date: Fri, 28 Sep 2007 11:01:39 -0400

polloxx wrote:
> I have a problem authenticating a squid server (on Debian Etch)
> against ldap on a Win2000 AD with IP address 10.0.0.10:
>
> In the AD I have
> - a domain: domain.com
> - a group Users
> - in that group I have a user Administrator with password aaa (and
> full access), and a user squid with password bbb.
>
> I try to authenticate the squid user:
>
> # /usr/lib/squid/ldap_auth -d -R -b "ou=Users,dc=domain,dc=com" -D
> "cn=Administrator,ou=Users,dc=domain,dc=com" -w "aaa" -h 10.0.0.10
>
> I enter:
>
> squid bbb
>
> I get:
> attempting to authenticate user 'uid=squid,ou=Users,dc=domain,dc=com'
> ERR Success
>
> It should be an OK. I've been trying all kinds of variations, with no
> success, so I'm desperate.
> Anyone who can help me? What am I doing wrong?
>
> Thank you.
> P.
>

I'm not sure if LDAP only will work for authentication against Active
Directory. AD uses Kerberos so I'm not sure if this setup will work.

I use Squid to query AD but I use NTLM to accomplish this. This
requires you to configure Samba and winbind, then use the NTLM helper in
Squid for authentication. If the machine is on the domain the browser
will pass the authentication transparently.

~Cory Coager
Received on Fri Sep 28 2007 - 09:01:43 MDT
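
A sketch of the Samba/winbind plus NTLM helper setup described in the reply above, as an added example that is not part of the original message or Cory's own configuration. The file paths, the NetBIOS name DOMAIN, the helper location and the child counts are assumptions; the domain and controller address are taken from the question.

```conf
# ---- smb.conf (assumed location: /etc/samba/smb.conf) ----
# Samba only has to join the domain and run winbindd; no shares are needed.
[global]
   # Assumed NetBIOS name for domain.com
   workgroup = DOMAIN
   realm = DOMAIN.COM
   security = ads
   # The AD controller from the question
   password server = 10.0.0.10
   winbind use default domain = yes

# After joining the domain and starting winbindd, the account Squid runs as
# must be able to reach winbindd's privileged pipe directory, otherwise the
# NTLM helper fails even though winbind itself works.

# ---- squid.conf (assumed location: /etc/squid/squid.conf) ----
# NTLM scheme: domain-joined browsers answer this challenge transparently.
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 5

# Basic scheme as a fallback for clients that cannot do NTLM. The password
# crosses the network base64-encoded, not encrypted, so leave this out if
# every client can negotiate NTLM.
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Squid proxy
auth_param basic credentialsttl 2 hours

# Require a successfully authenticated user for any access through the proxy.
acl authenticated proxy_auth REQUIRED
http_access allow authenticated
http_access deny all
```

The helper can be checked on its own before touching Squid by running it with the `squid-2.5-basic` protocol and typing a username and password on one line, the same way the LDAP helper was tested in the question.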
