Hi Youenn, thanks for your quick response. Actually I need to create a trust domain with an AD for disable NTLM auth and take advantage of FreeIPA. I thought to use Kerberos instead NTLM. It is possible to create a trust domain with AD and authenticate users with LDAP (FreeIPA)?
----- Mensaje original ----- De: "Youenn PIOLET" <piole...@gmail.com> Para: "Ing. Adrian Hernández Yeja" <ay...@uci.cu> CC: freeipa-users@redhat.com Enviados: Miércoles, 21 de Diciembre 2016 13:05:30 Asunto: Re: [Freeipa-users] (no subject) Hi Adrian, You can use basic_ldap_auth to connect to FreeIPA using LDAP instead of negotiate_kerberos_auth : auth_param basic program /usr/lib/squid3/basic_ldap_auth -R \ -b "cn=accounts,dc=example,dc=com" \ -f uid=%s -h <freeipa-server> -ZZ auth_param basic children 10 auth_param basic realm infra.msv auth_param basic credentialsttl 30 second Regards, -- Youenn Piolet piole...@gmail.com 2016-12-21 17:53 GMT+01:00 Ing. Adrian Hernández Yeja < ay...@uci.cu > : Hi folks, I need authenticate my users against a squid proxy server using FreeIPA. I know is possible ( https://www.freeipa.org/page/Squid_Integration_with_FreeIPA_using_Single_Sign_On ) but my users are not necessarily authenticated in a FreeIPA domain, so my question is if it's possible to allow this requirement either a third application or a specific configuration. Regards. La @universidad_uci es Fidel. Los jóvenes no fallaremos. #HastaSiempreComandante #HastalaVictoriaSiempre -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project La @universidad_uci es Fidel. Los jóvenes no fallaremos. #HastaSiempreComandante #HastalaVictoriaSiempre
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
