On Thu, 22 Jan 2004, Jaime Nebrera Herrera wrote: > Ajah, yes that might be a choice, but some of the systems dont depend on us > (preciselly the AD server :) but is a good choice
For both access methods to AD (Winbind or LDAP) you need some cooperation from the directory managers. In case of Winbind your server must be allowed to join the domain. In case of LDAP you need a dummy account allowed to search for users and groups within the active-directory. If you want transparent login without requesting the user to login again to the proxy then you must use ntlm authentication, which means you need to use the winbind approach, or have the users save their proxy passwords within MSIE.. Regards Henrik
