Alex Sharaz wrote: > but you don't have to have proxy users integrated into the unix accounts. My > squid caches are basically black boxes with 2 userids on it. My own and a > colleague in the computer centre. The "squid" file in /etc/pam.d just says > "authenticate to openldap" there is no reference to local user as found in > /etc/passwd or nis or whatever else you would normaly use so if a user with a > userid of FredBloggs tries to use the cache as long as his userid is in our ldap > database it all works
Normally you need the user to exists in NSS for PAM to work.. what does your /etc/nsswitch.conf say? > Would there be any performance hits using pam instead of a squid ldap module? I > must admit that I've only got about 20 people authenticating to our caches and > as there are 4 of them connected to a load balancing switch there's notmuch > going on at the moment :-)) The performance should be slightly better with the native module, but it is marginal. Regards Henrik
