"Benedict simon" <simon_at_kmun.gov.kw> wrote in message
news:dde908b0d0e692cbfa0d7d7490dce7f2.squirrel_at_webmail.baladia.gov.kw...
> Dear Amos,
>
> Thanks and really apprecite for ur quick reply
> i will try the link and n check it out.
>
> me too a novice in Ldap n not a professional in ADS
>
>
> regards
>
> simon
>
>
>> Benedict simon wrote:
>>> Dear All,
>>>
>>>
>>> i have squid Proxy server on Centos 5 working perfectly for a quite
>>> sometime and now we would like to have squid authenticating with ADS for
>>> more control .
>>> so that only users that have logged into domain are asked allowed for
>>> internet and others who dont log in have internet access denied but only
>>> local network services avaliable.
>>> i am not a professional in ADS so wd really apprecite your help
>>> i have been googling arround and tried but was only able to authenticate
>>> with squid by getting the popup window but not accept the password.
>>> i would like plain text authentication since i guess its the easiest one
>>>
>>> the setup
>>>
>>> Centos 5
>>> Squid stable 2.6
>>>
>>> the domain is ADS WINDOWS 2003
>>> Domain Name: baladia.local
>>> computer name :kmun
>>>
>>> jus cut and paste some squid entries .
>>>
>>>
>>> auth_param basic program /usr/lib/squid/squid_ldap_auth -R -b
>>> "dc=baladia,dc=local" -D "cn=Administrator,cn=Users,dc=baladia,dc=local"
>>> -w "xxxx" -f sAMAccountName=%s -h 172.16.2.227
>>> auth_param basic children 5
>>> auth_param basic realm PROXY SERVER
>>> auth_param basic credentialsttl 5 minutes
>>>
>>> where xxxx is the administrtor password
>>> 172.16.2.227 is the IP address of the domain
>>>
>>> will the above help me to authenticate user with ADS
>>>
>>> when i log into the domain and user my browser the window pops up but
>>> when
>>> i enter the username and password it ask me the same dialog again
>>>
>>> also if i dont log into domain its the same
>>>
>>> the squid accesslog error is
>>>
>>> 1237471571.612 13 xx.xx.xx.xx TCP_DENIED/407 1761 GET
>>> http://vcs2.msg.yahoo.com/capacity testuser
>>>
>>> where testuser is the username on my domain
>>>
>>> apprecite if someone can help me with example or some links with
>>> examples
>>>
>>> thanks and really wd apprecite your kinf help
>>>
>>
>> http://wiki.squid-cache.org/ConfigExamples has a section for
>> authentication templates and how-tos.
>>
>> I'm not clued up on LDAP or AD requirements so can;t help any further on
>> this.
>>
>> Amos
>> --
>> Please be using
>> Current Stable Squid 2.7.STABLE6 or 3.0.STABLE13
>> Current Beta Squid 3.1.0.6
>>
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>>
>
>
> --
> Network ADMIN
> -------------
> KUWAIT MUNICIPALITY:
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
>
You could use squid_kerb_auth.
Regards
Markus
Received on Sat Mar 21 2009 - 00:03:14 MDT
This archive was generated by hypermail 2.2.0 : Sat Mar 21 2009 - 12:00:01 MDT