[squid-users] R: Re: [squid-users] Squid - ldap auth against active directory 2008 R2

From: <projproxy_at_virgilio.it>
Date: Fri, 21 Jan 2011 12:41:52 +0100 (CET)

Thanks a lot for you reply!
this gives me a bit of courage...

well, I made
some test from a opensuse machine and it looks like it works...
now, if i look
at the process monitor with dependencies and thread on the original machine i
have
owner process id
root squid 5037
   |
   |
   squid
squid 4033
      |
      |
      |
      squid squid-ldap 10370

..........

I must say that i also mixed up the squid version: i´m using 3.0
Stable 9.

Do you think it´s cause the helper run under squid?
Should i insert
squid in the root group?

Thank in advance.

>----Messaggio originale----
>Da:
squid3_at_treenet.co.nz
>Data: 21-gen-2011 9.20
>A: <squid-users_at_squid-cache.org>

>Ogg: Re: [squid-users] Squid - ldap auth against active directory 2008 R2
>

>On 21/01/11 20:47, projproxy_at_virgilio.it wrote:
>> Ok, let´s start with a
general question:
>>
>> does squid work with ldap auth and
>> active directory
2008 R2???
>> is there someone that has kind of experience with
>> that???
>>

>> Thanks jcasale: yes we upgraded the domain from 2003 to 2008 R2, all
>>
domain controller (2 per each subdomain exactely like before in 2003), for sure

>> got other name and ip address and for sure I changed already the
configuration
>> of squid.
>> The firewall was the first think I looked at:
it´s compleately turned
>> off!
>>
>> The strange thing is that if I run the
helper from shell, it works
>> perfectly, instead when it´s called from the
configuration it does not work.
>
>There you have the answer to that first
Question "does squid work with
>ldap auth and active directory 2008 R2?"
>

>All Squid does is run the helper and pass it the user credentials. If
>the
helper works standalone then there is no reason why Squid cannot.
>
>Squid runs
as a low-privileged user account. Running the helper as root
>can often create
or access files and other resources with root
>permission which the Squid user
cannot access.
> Check the permissions.
>
>
>Amos
>--
>Please be using
>
Current Stable Squid 2.7.STABLE9 or 3.1.10
> Beta testers wanted for 3.2.0.4

>

                                                                                                                                                       
Received on Fri Jan 21 2011 - 11:45:10 MST

This archive was generated by hypermail 2.2.0 : Fri Jan 21 2011 - 12:00:07 MST