[squid-users] Fwd: NTLM LDAP authentication problem
rafael.akchurin at diladele.com
Mon Nov 16 17:00:30 UTC 2015
Hello Matej, Eugene,
Hope our humble tutorial for Squid <-> Active Directory integration with Kerberos SSO, Basic(LDAP) auth is also useful - http://docs.diladele.com/administrator_guide_4_3/active_directory/index.html
No NTLM though!!!
Please take a look at Web Safety - our ICAP based web filter server for Squid proxy
From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On Behalf Of Eugene M. Zheganin
Sent: Monday, November 16, 2015 4:49 PM
To: squid-users at lists.squid-cache.org
Subject: Re: [squid-users] Fwd: NTLM LDAP authentication problem
On 16.11.2015 19:51, Matej Kotras wrote:
> Thank you for your response, as this is my first try with Squid, and
> fairly newb in Linux.
> I do not understand at all differences between basic/ntlm/gss-spnego
> auths so I will do my homework and read about them. I've managed to
> get this working after few weeks of "trial and error" method (I know,
> I know, but I gotta start somewhere rite) following multiple guides.
The usual issue with all those copy/paste tutorials is that they tend to teach how to do everything at once, instead of moving from simple things to more difficult ones. This order of simplicity/difficulty is the
- adding Basic authentication, all authenticated users are authorized to use proxy
- adding NTLM authentication, all authenticated users are authorized to use proxy
- adding group-based authorization, authenticated users are authorized to use proxy basing on the group membership, using simple helper like squid_group_ldap
- adding GSS-SPNEGO authentication
- adding full-fledged GSS-SPNEGO group authorization helper.
You can try my article,
http://squidquotas.hq.norma.perm.ru/squid-auth.shtml. Though it's not perfect and still lacks two last steps, at least it tries to follow that approach.
squid-users mailing list
squid-users at lists.squid-cache.org
More information about the squid-users