RE: [Security Firewall] MNF 8.2, Squid auth w/Windows 2003?

Tue, 26 Oct 2004 07:54:26 -0700 

-----Original Message-----
From: Tango Echo [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 23, 2004 11:46 AM
To: fire-mdk
Subject: RE: [Security Firewall] MNF 8.2, Squid auth
w/Windows 2003?


----Original Message-----
From: Florin [mailto:[EMAIL PROTECTED] 
Sent: Thursday, August 19, 2004 8:36 AM
To: [EMAIL PROTECTED]
Subject: Re: [Security Firewall] MNF 8.2, Squid auth
w/Windows 2003?


Tango Echo <[EMAIL PROTECTED]> writes:

> Hi all,
> 
> I currently have MNF 8.2 with Squid authenticating
to
> a Windows NT 4.0 domain.  Is it possible to
configure
> the proxy to authenticate with a Windows 2003
domain?
> If so, how is this accomplished?
> 
> Thanks in advance!

Hi there,

Is this W 2003 configured in the native mode, ie using
the AD server ? In that case, you should consider
using the squid_ldap authentication mode ... 

You could search the squid mail archive for more infos
on this ... 

http://www.squid-cache.org/mail-archive/squid-users/

my 2cts,
-- 
Florin                          http://www.mandrakesoft.com
                                http://people.mandrakesoft.com/~florin/

==================================


Thaks for the follow up Florin.  The solution sounds
easy, but it doesn't seem to work here.  The domain is
in Windows 2000 native so I tried the LDAP
authentication from the web interface.  I'm not sure
what to put for an OU so I just put one that contained
a user.  However, when that user (or any user from the
W2K domain) tries to login, the authentication does
not go thru and the login box just keep popping up. 
Do I need to add some extra rules to allow the LDAP
auth to work? Do I need to have the proxyauth file on
the domain controller?  Any other ideas?

Here is an entry from the /var/log/squid/access.log
file:
1093275487.460     12 192.168.69.154 TCP_DENIED/407
1424 GET http://web.icq.com/groups/browse_folder?
USERNAME NONE/- -

And from the /avr/log/squid/store.log:
1093275511.292 RELEASE -1 FFFFFFFF
6CC5DCE15835088D6C483B2DDEABC6A3  407        -1       
-1        -1 unknown -1/1316 GET
http://web.icq.com/favicon.ico

===============================
===============================

Sorry to bring this up again, but I never got a reply
or a fix.  Anyone have some ideas? Florin?

Thanks,

Techo



                
__________________________________
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
http://promotions.yahoo.com/new_mail 


____________________________________________________
Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
____________________________________________________

Reply via email to