sorry if I was not clear enough: for the native mode one needs the pam_krb5 nss_ldap packages in order to authenticate against a AD server. But this is almost feasable with the actual MNF: simply configure the pam authentication with the web interface: then configure pam_krb5 and nss_ldap so the system gets the credentials and the user from AD and add the corresponding rules (AD ports)
... I hope is more clear now ... my 2cts, >Tango Echo <[EMAIL PROTECTED]> writes: > Florin, > > I feel like we are going in circles here... I was > under the impression that we had already established > that: > > 1) I am running a W2K domain model with Active > Directory (which MNF can authenticate to). > > 2) I have tried using either ldap or samba with out > any success. > > 3) I need to have the MNF box authenticate to the W2K > domain. > > I'll paste a previous email below to bring you up to > speed on where I am. Thanks! > > ================================== > ================================== > ================================== > > Thaks for the follow up Florin. The solution sounds > easy, but it doesn't seem to work here. The domain is > in Windows 2000 native so I tried the LDAP > authentication from the web interface. I'm not sure > what to put for an OU so I just put one that contained > a user. However, when that user (or any user from the > W2K domain) tries to login, the authentication does > not go thru and the login box just keep popping up. > Do I need to add some extra rules to allow the LDAP > auth to work? Do I need to have the proxyauth file on > the domain controller? Any other ideas? > > Here is an entry from the /var/log/squid/access.log > file: > 1093275487.460 12 192.168.69.154 TCP_DENIED/407 > 1424 GET http://web.icq.com/groups/browse_folder? > USERNAME NONE/- - > > And from the /avr/log/squid/store.log: > 1093275511.292 RELEASE -1 FFFFFFFF > 6CC5DCE15835088D6C483B2DDEABC6A3 407 -1 > -1 -1 unknown -1/1316 GET > http://web.icq.com/favicon.ico > > > > > __________________________________ > Do you Yahoo!? > Y! Messenger - Communicate in real time. Download now. > http://messenger.yahoo.com > > ____________________________________________________ > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com > Join the Club : http://www.mandrakeclub.com > ____________________________________________________ -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
