active directory 2008.

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

active directory 2008.

Christophe Leloup-2
Good morning all,

I am French. excuse me for my English.
I am looking for a tutorial. how integrated an active directory 2008 with squid.

do you have any leads or websites?

thank you
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: active directory 2008.

Amos Jeffries
Administrator
On 20/10/20 10:44 pm, Christophe Leloup wrote:
> Good morning all,
>
> I am French. excuse me for my English.
> I am looking for a tutorial. how integrated an active directory 2008 with squid.
>
> do you have any leads or websites?
>

That depends on what you are trying to make Squid do, which you have not
mentioned. For better help please provide details.

<https://wiki.squid-cache.org/> has a lot of info.

Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: active directory 2008.

Christophe Leloup-2

Hi,

I have connected my debian to my active directory. I don't have machine authentication by user but only by ip. attached my squid.conf.


thanks


#
# LDAP & Kerberos (Active Directory) Authentication
#
# Negociate kerberos and ntlm authentication
auth_param negotiate program /usr/lib/squid/negotiate_wrapper_auth -d --ntlm /usr/bin/ntlm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp --domain=TRIEFUS --kerberos /usr/lib/squid/negotiate_kerberos_auth -d -s GSS_C_NO_NAME
auth_param negotiate children 10
auth_param negotiate keep_alive off
# Pure ntlm Authentication
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 20
auth_param ntlm keep_alive off
# Provide basic ldap authentication for clients not authenticated via kerberos/ntlm
auth_param basic program /usr/lib/squid/basic_ldap_auth -h SRVMASTER-BIS.triefus.home -D "CN=squid,CN=Users,DC=triefus,DC=home“ -b ”dc=triefus,dc=home" -W /etc/squid/ldappass.txt -f "(samaccountname=%s)"
auth_param basic children 5
auth_param basic realm “Proxy Authentication”
auth_param basic credentialsttl 2 hours
# ldap authorisation
external_acl_type memberof %LOGIN /usr/lib/squid/ext_ldap_group_acl -R -K -b "dc=triefus,dc=home“ -D ”CN=squid,CN=Users,DC=triefus,DC=home" -W /etc/squid/ldappass.txt -f "(&(objectclass=person)(sAMAccountName=%v))" -h SRVMASTER-BIS.triefus.home



 

envoyé : 20 octobre 2020 à 13:42
de : Amos Jeffries <[hidden email]>
à : [hidden email]
objet : Re: [squid-users] active directory 2008.


On 20/10/20 10:44 pm, Christophe Leloup wrote:

Good morning all,

I am French. excuse me for my English.
I am looking for a tutorial. how integrated an active directory 2008 with squid.

do you have any leads or websites?

That depends on what you are trying to make Squid do, which you have not
mentioned. For better help please provide details.

<https://wiki.squid-cache.org/> has a lot of info.

Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users


_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: active directory 2008.

Amos Jeffries
Administrator
On 21/10/20 1:24 am, Christophe Leloup wrote:
> Hi,
>
> I have connected my debian to my active directory. I don't have machine
> authentication by user but only by ip. attached my squid.conf.
>

Well. Yes, that looks true.

Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: active directory 2008.

Amos Jeffries
Administrator
In reply to this post by Christophe Leloup-2
On 21/10/20 1:24 am, Christophe Leloup wrote:
> Hi,
>
> I have connected my debian to my active directory. I don't have machine
> authentication by user but only by ip. attached my squid.conf.
>
>

Have a read of this:
 <https://wiki.squid-cache.org/Features/Authentication>

Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users