Re: [squid-users] authenticating against Win2000 AD

From: polloxx <polloxx@dont-contact.us>
Date: Mon, 1 Oct 2007 16:47:50 +0200

On 9/28/07, Cory Coager <ccoager@utechproducts.com> wrote:
> polloxx wrote:
> > I have a problem authenticating a squid server (on Debian Etch)
> > against ldap on a Win2000 AD with IP address 10.0.0.10:
> >
> > In the AD I have
> > - a domain: domain.com
> > - a group Users
> > - in that group I have a user Administrator with password aaa (and
> > full access), and a user squid with password bbb.
> >
> > I try to authenticate the squid user:
> >
> > # /usr/lib/squid/ldap_auth -d -R -b "ou=Users,dc=domain,dc=com" -D
> > "cn=Administrator,ou=Users,dc=domain,dc=com" -w "aaa" -h 10.0.0.10
> >
> > I enter:
> >
> > squid bbb
> >
> > I get:
> > attempting to authenticate user 'uid=squid,ou=Users,dc=domain,dc=com'
> > ERR Success
> >
> > It should be an OK. I've been trying all kinds of variations, but no
> > success, so I'm desperate.
> > Anyone who can help me? What am I doing wrong?
> >
> > Thank you.
> > P.
> >
>
> I'm not sure if LDAP only will work for authentication against Active
> Directory. AD uses kerberos so I'm not sure if this setup will work.
>
> I use squid to query AD but I use ntlm to accomplish this. This
> requires you to configure samba and winbind then use the ntlm helper in
> squid for authentication. If the machine is on the domain the browser
> will pass the authentication transparently.
>
>

Cory,

It doesn't seem to work using ldap_auth and W2K AD.
I'll try it your way, because I have already been struggling with this for too long. :(
It seems that samba 3.x no longer needs winbind; it doesn't even work
using winbind, according to the squid FAQ. Can you post your settings
or point me to a good how-to?

Thanks,
P
Received on Mon Oct 01 2007 - 08:47:55 MDT
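
Added illustration, not part of the thread and not Squid's own code: the debug line quoted above shows the helper binding as `uid=squid,ou=Users,dc=domain,dc=com`, a DN assembled from the login name alone. The sketch models that direct mode beside search mode with a filter template such as `sAMAccountName=%s` (the helper's `-f` option), with the escaping a login name needs in each; the directory entry and all function names are constructed for the example.

```python
import re

def escape_dn_value(value):
    """Escape a login name for use as a DN attribute value (RFC 4514)."""
    out = []
    for i, ch in enumerate(value):
        edge = (i == 0 and ch in " #") or (i == len(value) - 1 and ch == " ")
        out.append("\\" + ch if ch in ',+"\\<>;' or edge else ch)
    return "".join(out)

def escape_filter_value(value):
    """Escape a login name for use inside a search filter (RFC 4515)."""
    table = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}
    return "".join(table.get(ch, ch) for ch in value)

def direct_bind_dn(login, base_dn, user_attr="uid"):
    """No search filter: the bind DN is assembled from the login name."""
    return f"{user_attr}={escape_dn_value(login)},{base_dn}"

def search_filter(template, login):
    """Search mode: %s in the filter template becomes the escaped login."""
    return template.replace("%s", escape_filter_value(login))

def filter_matches(flt, attrs):
    """Toy matcher for 'attr=value' filters; a bare * is a wildcard."""
    attr, _, pattern = flt.partition("=")
    unhex = lambda m: chr(int(m.group(1), 16))
    parts = [re.escape(re.sub(r"\\([0-9a-fA-F]{2})", unhex, p))
             for p in pattern.split("*")]
    return attr in attrs and re.fullmatch(".*".join(parts), attrs[attr]) is not None

# Constructed sample directory. Assumption: the account is named by cn and
# carries its login name in sAMAccountName, as AD user objects do.
DIRECTORY = {"cn=squid,ou=Users,dc=domain,dc=com": {"sAMAccountName": "squid"}}

def resolve(login, base_dn, filter_template=None):
    """Return the DN a bind would be attempted against, or None."""
    if filter_template is None:
        dn = direct_bind_dn(login, base_dn)
        return dn if dn in DIRECTORY else None
    flt = search_filter(filter_template, login)
    for dn, attrs in DIRECTORY.items():
        if dn.endswith("," + base_dn) and filter_matches(flt, attrs):
            return dn
    return None
```
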