Dear All/Amos,
I want to allow certain(not all) Active Directory users to use squid by way of
SSO with Active Directory. So means when any one from those specific users will
login into Active Directory they should have automatically access to internet
via Squid Proxy. Other AD users which have not permissions granted in Squid
will be disallowed. Is it possible? How please guide in detail.
This was my assumption of how it would be done:
I needed to compile squid with these additional options
--enable-basic-auth-helpers="LDAP" --enable-auth="basic,negotiate,ntlm"
--enable-external-acl-helpers="wbinfo_group,ldap_group"
--enable-negotiate-auth-helpers="squid_kerb_auth"
Right??
I need to configure krb5.conf to point to AD as Default_realm on CENTOS 5.4 to
right?
I think that i must need to make Centos 5.4 member of the domain? Am i right or
its not necessary
How these specific AD users(with internet access allowed) will be
told/mentioned to the squid?
I have also studied your article
http://wiki.squid-cache.org/ConfigExamples/Authenticate/Ldap?action=print
However this is allowing all(not specific) Active Directory or LDAP users
internet access. This logic is just checking the validity of user account with
Active directory by popping up a login/password and if succeeded network access
is granted. Am i right?
Bottom line is that i am completely lost and have not much idea what and how to
do it. We previously are using Microsoft ISA server and are about to move to
Squid and this requirement is very necessary.
regards,
Bilal Aslam
_________________________________________________________________
Hotmail: Free, trusted and rich email service.
https://signup.live.com/signup.aspx?id=60969
