23 Oct
2003
23 Oct
'03
19:59
Am Donnerstag, 23. Oktober 2003 17:04 schrieb André Sänger: > Hello Roman, > > Thursday, October 23, 2003, 4:16:01 PM, you wrote: > > impossible, you mean ftp.suse.com. > > Sorry, you´re right. > > > Please simply try it out. > > As I told I did that and it works. I just wondered if it was the > proper way to do it. > > Although I found two external helpers to do the job > > wbinfo_group matches users to NT groups using wbinfo > winbind_group matches users to NT groups using winbind > direcly > > neither of them is included in the squid binary rpm. > > Just wondered if there was a reason for that (they are available in > squid-2.5.STABLE1-63.src.rpm). Or maybe some other way SuSE thought > of for that functionality. > > So I just tried using wbinfo_group.pl manually. we are using this together with several Active directory server for authentication, but i never found an rpm. You have to compile a new version of squid (--with-ntlm-auth and --with-wb_group or so...), install a recent samba version, start the winbind server and try it out! By far the trickiest parts were: - entering the ad domain, receiving and keeping (even after ads reboot!) a trusted position (vertrauensstellung, i don't know the english word) [off-topic] how did anybody else solve this? i'm not content with the skript we have, because there's a password in it. The Problem is after the ads server reboots, it forgets that the linux host is a trusted host and therefore no auth data is being sent anymore. - finding the exact syntax for wb_group - integrating the self-compiled squid in webmin for admin purposes. however, it works, but it's not trivial. enjoy! markus > > > -- > Best regards, > André mailto:Andre.Saenger@gmx.de -- Mit freundlichen Grüßen Markus Feilner -- Linux Solutions, Training, Seminare und Workshops - auch Inhouse Feilner IT Linux & GIS Erlangerstr. 2 93059 Regensburg fon: +49 941 70 65 23 - mobil: +49 170 302 709 2 web: http://feilner-it.net mail: mfeilner@feilner-it.net