"Manoj Rajkarnikar" <manoj.rajkarnikar_at_gmail.com> wrote in message
news:AANLkTinGXTOwX+AysRVGoasEiqRS1qrMX2VYM8t5i3Aj_at_mail.gmail.com...
> Hi all.
>
> I've been trying to setup this squid box with authentication to AD
> 2003 server. The need in our situation is to allow the workstation
> allow access to internet and not the user since the users are always
> moving from station to station. I've already setup kerberos
> authentication successfully. I've searched through the list for any
> thing related to authorizing computer account but found none..
>
Why do you want to limit the computer not the user ? I assume the user login
to the stations with their credentials, so moving stations should not be an
issue or ?
> I'm not very familiar with ldap queries. any help would be greatly
> appreciated.. i'm trying to use squid_kerb_ldap for ldap
> authorization...
>
>
squid_kerb_ldap will connect to AD and determines if a user is a member of
an AD group. The connection to AD is authenticated using the Kerbeors key
from the squid keytab file and the AD server is found by using SRV DNS
records which are usually defined in a Windows environment with AD.
> Thank you very much for your help.
>
> Regards
> Manoj
>
Received on Tue Sep 14 2010 - 18:43:36 MDT
This archive was generated by hypermail 2.2.0 : Wed Sep 15 2010 - 12:00:03 MDT