On Feb 5, 2008, at 10:32 AM, Lars Noodin wrote:
[EMAIL PROTECTED] wrote:
[blather]
Obviously you've had no contact with AD or the cruftware it is
infesting.
So what standards-based authentication service would you propose
besides LDAP+Kerberos? Hesiod? Shibboleth?
-Lars
I think Andre's point, which I happen to agree with, is that the OP
may well not have control over what authentication system is in use.
It is a sad but undeniable fact that Windows networks are ubiquitous,
and having tools to interface with them would increase usability and
provide a real alternative to proprietary closed source options.
Given the choice, I'd prefer not to use AD. Given the choice I'd
elect not to use windows at all. Sometimes that's just not an option,
and I'm not rich enough to turn down the work.
I won't argue either way for the inclusion of the patch, as I have no
real information about it, but to simply reject the idea of AD
authentication may be tempting, but it really does smack of denial.
Does AD suck major ass? Absolutely. Is it in extremely wide use by
companies who wouldn't even consider moving away from it? Absolutely.
Would it be useful to have squid authenticate to AD? Absolutely.
Should this be included..... ? Maybe, maybe not. There are other
tools available, some work better than others. I rather like the
flexibility of Squid, and I am prepared to state that if this were
included, I'd use it.
On the other hand, I have Squid running on OpenBSD as a proxy at one
location now, and simply provide separate proxies based on AD OU's
using group policy. It's not elegant, but it works.
-Jonathan
