[squid-users] Re: Kerberos load balancer and AD

From: Markus Moeller <huaraz_at_moeller.plus.com>
Date: Wed, 22 May 2013 19:45:09 +0100

In addition you need to add an option to squid_kerb_auth -s GSS_C_NO_NAME
otherwise the module will expect a HTTP/<proxy-name>

Markus

"SPG" <spggps8.2_at_gmail.com> wrote in message
news:1369208281267-4660187.post_at_n4.nabble.com...
Hi,

I've read a lot of post about kerberos and load balancers, but I don't have
clear the configuration. I have work one squid with kerberos, but now I want
balance the service. I think that correct configuration is:

1º - Create a account o computer acount in AD

       loadbalancer.abg.local

2º - Create a DNS direct and reverse for loadbalancer.abg.local with ip
virtual of balancer

4º - ktpass -princ HTTP/loadbalancer.abg.local_at_ABG.LOCAL -mapuser
loadbalancer\loadbalancer -pass admin1234 -crypto rc4-hmac-nt -ptype
krb5_nt_principal -out squid.keytab

3º - Copy keytab in all squids and configure its

4º - Put in proxy pack

return "PROXY loadbalancer.abg.corp:8080; DIRECT";

A lot of thanks.

--
View this message in context: 
http://squid-web-proxy-cache.1019090.n4.nabble.com/Kerberos-load-balancer-and-AD-tp4660187.html
Sent from the Squid - Users mailing list archive at Nabble.com.
Received on Wed May 22 2013 - 18:45:29 MDT

This archive was generated by hypermail 2.2.0 : Thu May 23 2013 - 12:00:35 MDT