pingvinos
asked on
Squid Authentication Against Active Directory
Hello!
For some time I have a problem with the following:
I have an Active Directory domain with several computers.I have made group in AD for AD users who should be allowed to access internet. I have configured Squid proxy server to authenticate users based on their AD membership,but one thing is missing:the users,when starting their web browsers,have to enter username/password (domain one).It is embarrassing to them,although they can click OK and use stored passwords...I know that it is possible to configure Squid with Kerberos,so that the credentials of AD user logged on machine are used,and it is completely transparent top user,no prompt for username/password.
If you can help me,please explain which services needs to be configured (samba,kerberos?).Please do not post if you haven't already done it by yourself,because I have read tons of how-to's and they don't work...Thanks!
For some time I have a problem with the following:
I have an Active Directory domain with several computers.I have made group in AD for AD users who should be allowed to access internet. I have configured Squid proxy server to authenticate users based on their AD membership,but one thing is missing:the users,when starting their web browsers,have to enter username/password (domain one).It is embarrassing to them,although they can click OK and use stored passwords...I know that it is possible to configure Squid with Kerberos,so that the credentials of AD user logged on machine are used,and it is completely transparent top user,no prompt for username/password.
If you can help me,please explain which services needs to be configured (samba,kerberos?).Please do not post if you haven't already done it by yourself,because I have read tons of how-to's and they don't work...Thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks!
http://klaubert.wordpress.com/2008/01/09/squid-kerberos-authentication-and-ldap-authorization-in-active-directory/