Since winbind uses ``base64'' encoding is it possible for squid and winbind to only look at the username being presented and not ask for the password therefore the password would not be transmitted in clear text?
Jim
Henrik
Nordstrom To: Jim_Brouse/[EMAIL PROTECTED]
<[EMAIL PROTECTED] cc: [EMAIL PROTECTED]
he.org> Subject: Re: [squid-users] squid and ldap
and active directory
03/19/2004
02:31 PM
On Fri, 19 Mar 2004 Jim_Brouse/[EMAIL PROTECTED] wrote:
> I want to use squid and have users authenticate via their currently in
use
> active directory username and password, to do this do I need open ldap
> installed on the squid server?
You need the OpenLDAP libraries if you want to use the LDAP helpers for
Squid.
You do not need the OpenLDAP server or clients installed.
> Will the users be presented with an username/password box or will squid
use
> the curretly in use credentials of the user who is logged on?
LDAP is only possible in the Basic authentication scheme where the users
is asked for their login.
If you want to use automatic login then you need to use the NTLM scheme,
and here the recommended approach is to install Samba-3 and have the Squid
server join your windows domain. See the Squid FAQ on winbind for details.
Regards
Henrik
