
NDS for Squid

Posted on 1999-12-14
Last Modified: 2008-03-10
I have an internal LAN, with a couple servers running NetWare. All my users are in the NDS tree, using Client trust to get out through a Novell BorderManager firewall. I'd like to switch over and use a Linux box and Squid as a web proxy. How do I tie in authentication with NDS and Squid?
0
Question by:jforman
5 Comments
 
LVL 12

Expert Comment

by:j2
ID: 2283090
You don't. That simply isn't supported, unfortunately.
0
 

Author Comment

by:jforman
ID: 2284342
Thanks. I was wondering, I have seen PAM modules that can be integrated with Squid. Could you clarify what those do and if they could help my situation?
0
 
LVL 12

Expert Comment

by:j2
ID: 2284392
Problem here is that when using Novell, users log on to the NetWare server to gain access to the network. You don't do that with Linux in the same fashion, so to authenticate, the users would have to open a telnet session to the Linux server and log on.
0
 
LVL 15

Expert Comment

by:samri
ID: 2310842
I am actually looking for the same solution.

The problem in integrating authentication on these two systems is primarily due to the different types of authentication scheme used. Novell uses NDS, but Squid, I believe, is stuck with the Linux/UNIX authentication scheme.

The trick to getting these two "guys" to talk to each other is to introduce another "middleware" that could talk both ways - one that can understand NDS and can talk via IP.

With the recent version of NetWare (Novell NetWare 5), Novell has come up with its own LDAP (Lightweight Directory Access Protocol) option to be installed on its NetWare 5 box. So if you could get a NetWare 5 running on your NDS, then we can start from there.

Then on the Squid side, you should create an ACL that points to the LDAP server for user authentication. I have come across the documentation on how to do that, but somehow forgot the URL.

Another cheap trick is to put your Squid and BorderManager in a hierarchy, where BM is the child to Squid. So all users will hit BM first and get authenticated there, and BM will point to Squid as the parent. At the same time, deny all access to Squid except for the BM box. This way, the only way to go out (browse) is to go via BM.

There goes my 10 cents' worth of comments.

Please share with me if you find any other good recommendations.
0
 
LVL 15

Accepted Solution

by:
samri earned 100 total points
ID: 2311516
I am actually looking for the same solution.

The problem in integrating authentication on these two systems is primarily due to the different types of authentication scheme used. Novell uses NDS, but Squid, I believe, is stuck with the Linux/UNIX authentication scheme.

The trick to getting these two "guys" to talk to each other is to introduce another "middleware" that could talk both ways - one that can understand NDS and can talk via IP.

With the recent version of NetWare (Novell NetWare 5), Novell has come up with its own LDAP (Lightweight Directory Access Protocol) option to be installed on its NetWare 5 box. So if you could get a NetWare 5 running on your NDS, then we can start from there.

Then on the Squid side, you should create an ACL that points to the LDAP server for user authentication. I have come across the documentation on how to do that, but somehow forgot the URL.

Another cheap trick is to put your Squid and BorderManager in a hierarchy, where BM is the child to Squid. So all users will hit BM first and get authenticated there, and BM will point to Squid as the parent. At the same time, deny all access to Squid except for the BM box. This way, the only way to go out (browse) is to go via BM.

I hope this might help.

Please share with me if you find any other good recommendations.
0
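
The two approaches from the accepted answer, sketched as squid.conf fragments. This is an added example, not part of the original post: it uses current Squid directive syntax, and the helper path, LDAP hostname, base DN and IP addresses are placeholders to be replaced with the site's own values.

```conf
# Added example (constructed). Use ONE of the two options, not both.
# All hostnames, DNs, addresses and the helper path are placeholders.

# --- Option 1: Squid checks credentials against the NDS LDAP service ---
# basic_ldap_auth is the LDAP helper shipped with current Squid releases;
# its install path differs between distributions.
#   -v 3 -Z : LDAPv3 with StartTLS, so the password is not sent in clear
#             text between the proxy and the directory
#   -b      : search base (NDS organisation container, placeholder)
#   -f      : filter; %s is replaced with the login name typed by the user
#   -h      : LDAP server to query
# If the directory does not allow anonymous searches, add a bind DN (-D)
# and a password file (-W) readable only by the Squid user.
auth_param basic program /usr/lib/squid/basic_ldap_auth -v 3 -Z -b "o=EXAMPLE" -f "(cn=%s)" -h nds-ldap.example.internal
auth_param basic children 5
auth_param basic realm Web proxy
auth_param basic credentialsttl 1 hour

# Basic authentication is only base64-encoded on the browser-to-proxy
# hop, so restrict the proxy to the internal LAN as well.
acl lan src 192.168.1.0/24
acl nds_users proxy_auth REQUIRED

http_access allow lan nds_users
http_access deny all

# --- Option 2: BorderManager authenticates, Squid is its parent ---
# Squid performs no authentication itself; it accepts requests only from
# the BorderManager host, so every user has to pass through BM first.
# BM is configured (on the BM side) to forward to this Squid as parent.
#
# acl bordermanager src 192.168.1.10/32
# http_access allow bordermanager
# http_access deny all
```

With option 2 the source-address rule is the only control on Squid, so a host firewall rule limiting the proxy port to the BorderManager address is a sensible second layer.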
