Hello,
I'm currently building a Windows Domain Controller with samba3/openLDAP
backend and also maintain the unix accounts in that directory.
In our network we have Win2k (in that samba3 Domain) as well as openSuSE
Terminals (with user auth against the ldap dir).
Now how can I configure Squid in order to not ask again (after already
logging onto the machine) for user/pass but still have a user based logging.
Currently my squid config looks like this:
auth_param basic program /usr/sbin/squid_ldap_auth -v 3 -d -b
"dc=xxxxxxx,dc=xxxxxxx" -f "(uid=%s)" -D
"cn=Manager,dc=xxxxxxx,dc=xxxxxxx" -w xxxxxxxx localhost:389
auth_param basic children 20
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 60 minutes
ethernal_alc_type proxy_group %LOGIN /usr/sbin/squid_ldap_group -v
-b "ou=Groups,dc=xxxxxxx,dc=xxxxxxx" -f "(&(cn=%a)(memberUid~=%u))"
localhost:389
acl ldap_password proxy_auth REQUIRED
acl ldap_group external proxy_group SquidUsers
http_access allow ldap_group
But obviously that will prompt the user for his credentials.
Note: We're using IE6/FF/Opera and for special users even Netscape (7 -
if i remember correctly).
Thank you for your help
Greetings
Alexander