On Mon, 27 Jan 2003 14:15:55 +0100
Markus Feilner wrote:
|Hello List,
|Sorry for the german mail before - I forgot this is an English list
|I am running Squid 2.4 with ldap_group_auth in a Windows active |Directory Network.
|It works fine, Clients that are in the WWW_Users group can access the |proxy, others can't.
|What we don't like is: Every user has to authenticate himself actively |before accessing the proxy with login/password in a small |authentication window.
|Can't Squid use the authentication data that windows provides?
|because the user is already logged in in the network, and even windoze |sends login/password data, or doesn't it?
|Thanks!
|Markus
Hi, I reply this before but seems I send it anywhere else, if not, sorry for the duplicated message.
If proxy clients use MSIE then you can use NTLM authentication, this allows users to validate against a PDC, and users already validated in the domain don't need to re-validate every time they open the browser.
This works fine, but Squid must be > 2.5 and also you need Samba with winbind running. (for more info Google "NTLM + squid")
Since you are using ldap to validate I don't know if this is actually a solution for you, but is the only way for users to not enter name/pass every time they open M$IE.
Greetings
--
Jorge D. Buchmann | jbuchmann@intraredes.com
|
intraRedes S.R.L. | http://www.intraredes.com