[squid-users] Kerberos + LDAP issue
Tomislav Lučan
tomislav.lucan at gmail.com
Thu Dec 8 14:09:17 UTC 2022
I have one question (issue) and I hope that you can help me.
Kerberos authentication works perfectly fine when the PC is connected to
Domain and the user is authenticated.
auth_param negotiate program
/usr/local/libexec/squid/negotiate_kerberos_auth -r -d -k
/usr/local/etc/squid/squidproxy.keytab
What I try to achieve is to authenticate the user with his AD credentials
when the PC is not on DOMAIN.
auth_param basic program /usr/lib/squid/squid_ldap_auth -v 3 -b
"dc=yourcompany,dc=com" -D uid=some-user,ou=People,dc=yourcompany,dc=com
-w password -f uid=%s ldap.yourcompany.com
I can do that with LDAP, but only if I disable (in config) Kerberos on
Squid.
Somehow Kerberos and LDAP config don't work together.
Error that I getting in the log is :
LDAP ERROR: Negotiate Authentication validating user. Result: {result=BH,
notes={message: received type 1 NTLM token; }}
On the other side, Kerberos is working fine.
I would really like to have your input on it
Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20221208/6b604636/attachment.htm>
More information about the squid-users
mailing list