[afnog] Squid: Authenticating multiple domains
Mike Barnard
mike.barnardq at gmail.com
Wed Aug 11 17:57:25 UTC 2010
squid wiki gives this:
http://wiki.squid-cache.org/ConfigExamples/Authenticate/Kerberos
On Wed, Aug 11, 2010 at 11:34 AM, Evelyn Namara
<evelyn.namara at orange.co.ug>wrote:
> Hello guys,
>
>
>
> I need help with how to configure squid to accept authenticating multiple
> domains when accessing the Internet.
>
>
>
> I have a setup with 2 windows domains right now, one that is active and the
> other that needs to be deployed.
>
> Right now the scenario is that one domain is able to authenticate users to
> use the internet, via LDAP.
>
>
>
> I have a line like this one in my squid config; [ I protected some fields]
>
>
>
> auth_param basic program /usr/lib64/squid/squid_ldap_auth -R -b
> "ou=mydomain Users,dc=xxx ,dc=xx, dc=xx" -D xxxx\\xxx -w passwd -f
> sAMAccountName=%s -h 172.19.3.148 172.19.3.149
>
>
>
> however, I can’t have 2 lines in my squid file to cater for the other
> domain.
>
>
>
> The only way the other domain is able to authenticate and use the internet
> right now is by creating the same username, and password like the ones on
>
> The working domain, and that way they both can work.
>
>
>
> What way can I use squid to authenticate against multiple windows domains
> without having to create a duplicate account on the other windows domain?
>
>
>
> Thank you for the help.
>
>
>
>
>
> [image: logo_rgb.jpg]**
>
> * *
>
> *Evelyn Namara*
>
> Information Technology
>
>
>
> Mobile +256 79 079 0183
>
> Direct line +256 79 079 2183
>
> Fax +256 41 777 2001
>
>
>
> Orange Uganda Limited,
>
> Plot 28-30 Clement Hill Road,
>
> P. O. Box 24144, Kampala, Uganda
> evelyn.namara at orange.co.ug <name.surname at orange.co.ug>
>
>
>
>
> **************************************************
> This message and any attachments (the "message") are confidential and
> intended solely for the addressees.
> Any unauthorised use or dissemination is prohibited.
> Messages are susceptible to alteration.
> Orange Uganda Limited shall not be liable for the message if altered,
> changed or falsified.
> If you are not the intended addressee of this message, please cancel it
> immediately and inform the sender.
> **************************************************
>
> _______________________________________________
> afnog mailing list
> http://afnog.org/mailman/listinfo/afnog
>
--
Mike
Of course, you might discount this possibility, but remember that one in
a million chances happen 99% of the time.
------------------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://afnog.org/pipermail/afnog/attachments/20100811/501fbc41/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 885 bytes
Desc: not available
URL: <http://afnog.org/pipermail/afnog/attachments/20100811/501fbc41/attachment.jpg>
More information about the afnog
mailing list