David Gwynne wrote:
pretty sure he would. it's useful.
Running squid against an authentication service is useful. Yes.Allowing AD near any part of your infrastructure is the opposite of useful and results in a net loss of productivity. No.
LDAP+Kerberos is one tried and true option, but there are others nowadays. Don't confuse AD with a useful tool or with an authentication service
-Lars