Authorizing users via LDAP group:
It is listed in the squid_ldap_group man page that using -D binddn -W secret
fle is to be preferred on -D binddn -w password. While it provides extra
security then printing the password in plaintext inside squid.conf. Doesnt this
query itself go in clear text over the network? If this is a risk how to handle
this situation?
1. Should we create a special account with minimum of rights required to query
Active Directory?
2. Or perform this query over TLS? and how it can be done?
3. Allowing anonymous queries can also be configured in Active directory
however it does not look appropriate. May be it has no issues in the total
private setup!
Please your guidance is required.
regards,
Bilal
_________________________________________________________________
Your E-mail and More On-the-Go. Get Windows Live Hotmail Free.
https://signup.live.com/signup.aspx?id=60969
