Re: [squid-users] Ldap + active directory: bizarreauthentication

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Thu, 18 Nov 2010 21:43:30 +1300

>>>>> "Riccardo Castellani" 11/17/2010 2:24 PM
>>>>>
>> I tested Squid authentication by ActiveDirectory LDAP.
>> I tried to navigate in these 2 cases:
>>
>> A) from clients which are in workgroup: if I type credentials of a
>> domain
>> user, surfing works fine.
>> B) from clients which are into domain: if I type credentials of my
>> domain
>> user (current logged domain user) Squid requests again me credentials !
>>
>> While I type credentials of another domain user (different from my
>> current
>> domain user) surfing works !
>>
>> Suggestions ?! It's very bizarre behaviour !
>>
>
> ----- Original Message -----
> From: "Chad Naugle" wrote:
>
>> It really isn't bizzare, because that is how it is designed to work. It
>> uses the credentials you provide to authenticate the user, and logs it
>> that way.
>>

On 18/11/10 09:54, Riccardo Castellani wrote:
>> B) from clients which are into domain: if I type credentials of my
>> domain
>> user (current logged domain user) Squid requests again me credentials !
>> While I type credentials of another domain user (different from my
>> current
>> domain user) surfing works !
>
>
> Read point B :
>

There is something wrong when Squid tests for validity of the "current
logged domain user" credentials. They are either declared invalid by AD
or that user is denied access through the proxy.

Can't tell without seeing your configuration file.

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.9
   Beta testers wanted for 3.2.0.3
Received on Thu Nov 18 2010 - 08:43:34 MST

This archive was generated by hypermail 2.2.0 : Thu Nov 18 2010 - 12:00:03 MST