[squid-users] Authorization via LDAP group

From: GIGO . <gigoz_at_msn.com>
Date: Mon, 12 Apr 2010 07:51:07 +0000

Authorizing users via LDAP group:
 
 
It is listed in the squid_ldap_group man page that using -D binddn -W secret fle is to be preferred on -D binddn -w password. While it provides extra security then printing the password in plaintext inside squid.conf. Doesnt this query itself go in clear text over the network? If this is a risk how to handle this situation?

1. Should we create a special account with minimum of rights required to query Active Directory?

2. Or perform this query over TLS? and how it can be done?

3. Allowing anonymous queries can also be configured in Active directory however it does not look appropriate. May be it has no issues in the total private setup!

 
Please your guidance is required.
 

regards,
Bilal
                                                
_________________________________________________________________
Your E-mail and More On-the-Go. Get Windows Live Hotmail Free.
https://signup.live.com/signup.aspx?id=60969
Received on Mon Apr 12 2010 - 07:51:14 MDT

This archive was generated by hypermail 2.2.0 : Mon Apr 12 2010 - 12:00:04 MDT