Hello all,
While being rather much of a newbee in Squid-land, I understand that it
is possible to connect micro$oft Active Directory with an authentication
helper for Squid, thus creating a silent (non-user-intervented)
authentication from Squid against the Active Directory database.
I got this far:
auth_param ntlm program /usr/lib/squid/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp --domain=OURDOMAIN
auth_param basic program /usr/lib/squid/ntlm_auth
--helper-protocol=squid-2.5-basic --domain=OURDOMAIN
auth_param ntlm program /usr/lib/squid/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
--require-membership-of='OURDOMAIN\somegroup'
auth_param basic program /usr/lib/squid/ntlm_auth
--helper-protocol=squid-2.5-basic
--require-membership-of='OURDOMAIN\somegroup'
auth_param basic children 5
auth_param basic realm Squid proxyserver
auth_param basic credentialsttl 1 hour
acl fromlocal src 192.168.0.0/255.255.255.0 192.168.10.0/255.255.255.0
192.168.11.0/255.255.255.0
acl toplanet dstdomain www.planet.nl
acl admin proxy_auth required
acl towww dst 0.0.0.0/0.0.0.0
acl user proxy_auth me
acl all src 0.0.0.0/0.0.0.0
http_access allow admin toplanet fromlocal
http_access allow user towww fromlocal
http_access deny all
As you can see I use the site www.planet.nl as a test-domain.
When I hash out the ntlm lines, the authentication window nicely pops-up
in IE, stating the realm above. However, above setup does'nt function as
expected. No html requests are accepted at all, but no 40x page is
displayed neither. What am I doing wrong here? Can anyone help me out?
TIA, grw.
BTW: I also am looking for a good howto or other documentation
describing the interaction between MS-AD, Samba 3 and Squid 2.5. Anyone?
Wouter Bakker
===============================================
Netwerk- en systeembeheerder
Gelink Adviesgroep BV
w.bakker@nietthuis.nl
===============================================
Received on Wed May 12 2004 - 05:00:12 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Jun 01 2004 - 12:00:01 MDT