[gentoo-user] squid with active directory

[gentoo-user] squid with active directory

[Matt Harrison]

Hi all,

I have a gentoo box that acts as a firewall, router and squid proxy.

I've been following a guide[1] to integrate squid authentication with 
our active directory domain.

The guide is a little bit out of date and it doesn't seem to work for 
me. Authentication is refused to non-authenticated users without 
prompting for credentials (i want to be prompted) but it is also refused 
for users logged into the domain.

Has anyone successfully got this to work? If so can you supply any tips 
for my squid.conf?

Many thanks

Matt

[1]http://cryptoresync.com/2006/05/18/installing-squid-with-active-directory-authentication/

Re: [gentoo-user] squid with active directory

[Matt Harrison]

Let me clarify a little bit:

Before attempting this integration, I had an acl line like this:

acl internal src 10.194.217.0/24

And i'm allowing that like so:

http_access allow internal

I'm just not sure how to change this to allow access to authenticated 
users while prompting for those not authenticated.

As far as the guide I have mentioned goes, my kerberos and ldap are 
working perfectly and samba is joined to the domain. winbind is running 
and using the ntlm helper tests from the guide it appears that 
authentication for users against the AD is working.

The problem is that squid.conf is a very large config file and I've only 
ever played with a few options (1 acl, nothing more complex).

Any ideas appreciated

Matt