Gregory Machin wrote:
> then I would have to install samba from what I understand, and or
> policy is not file sharing services allowed on the firewalls . Is
> there a way to get a single sign on with out installing samba ?
Correct me if I'm wrong, but I don't think the NTLM helper for squid
requires that samba be installed on the same mahcine. Just at an
available source over the network.
Amos
>
> On Mon, Sep 15, 2008 at 5:56 PM, Kevin Blackwell <akblackwel_at_gmail.com> wrote:
>> Gregory,
>>
>> I was running into the same problems. I finally for it working.
>>
>> Couple of questions
>>
>> 1. What OS
>> 2. Why not use ntlm_auth? Works better.
>>
>> Kevin
>>
>> On Mon, Sep 15, 2008 at 9:06 AM, Gregory Machin <gdm_at_linuxpro.co.za> wrote:
>>> Hi
>>> I'm batteling to get squid_ldap_auth to authenticate against M$
>>> windows Active Directory 2008 with my config below
>>>
>>> /usr/lib64/squid/squid_ldap_auth -b "OU=Organizational
>>> Structure,DC=example,DC=co,DC=za" -h 10.*.*.250 -D
>>> "CN=squid,OU=Other,OU=TC JHB,OU=Company,OU=Organizational
>>> Structure,DC=example,DC=co,DC=za" -w "Password1" -f
>>> "(&(uid=%s)(objectclass=user))"
>>>
>>> I have used a similar config on windows Active Directory 2003 and it
>>> worked perfectly fine. Is there a catch to authenticating against the
>>> 2008 version of AD ? or have I missed some thing ..
>>>
>>> How is the best way to debug this as squid does not log or output any
>>> errors even when in debugging mode ..
>>>
>>> when is run
>>> [root_at_gregory-workstation ~]# /usr/lib64/squid/squid_ldap_auth -b
>>> "OU=Organizational Structure,DC=techconcepts,DC=co,DC=za" -h
>>> 10.0.1.250 -D "CN=squid,OU=Other,OU=TC
>>> JHB,OU=Company,OU=Organizational
>>> Structure,DC=techconcepts,DC=co,DC=za" -w "Password1" -f
>>> "(&(uid=%s)(objectclass=user))" -v3
>>> gregory.machin Password1
>>> ERR Success
>>>
>>> I get "ERR Success"
>>> I believe I should get "OK"
>>> How can I get more info out of this interface ?
>>>
>>> Thanks in advance .
>>>
-- Please use Squid 2.7.STABLE4 or 3.0.STABLE9Received on Tue Sep 16 2008 - 12:00:03 MDT
This archive was generated by hypermail 2.2.0 : Tue Sep 16 2008 - 12:00:03 MDT