Hi,
I've gone through the instructions here:
http://www.papercut.com/kb/Main/ConfiguringSquidProxyToAuthenticateWithActiveDirectory
which allowed me to setup Windows AD authentication from a Squid proxy running on Linux.
Works fine, but what I want to do is not have to have people be prompted for a username and password from within their browser (and then have Squid authenticate that against AD).
That is, can Squid figure out the username and password from the machine setup to access the proxy, and auto-authenticate that username and password with AD, and if successful allow them use of the proxy?
Note that the way this is setup currently:
* users don't have internet access unless they go through Squid
* Windows AD holds accounts and groups
* groups exist for "full internet access", "limited internet access", "blocked sites"
* Squid uses the LDAP helper to query the username and group to determine what access the user has to the internet
* Squid prompts for a username and password
* ACL's determine what regex files to query for allowed sites, blocked sites etc
What I need to do is try and avoid the Squid login/password window and just allow the Windows login people use to login to Windows (and their AD accounts) for Squid to auto-authenticate.
Can this be done? if so, any URL's or how-to's anyone knows about?
Thanks.
Michael.
__________________________________________________________________________________
See what's on at the movies in your area. Find out now: http://au.movies.yahoo.com/session-times/
Received on Fri Dec 04 2009 - 04:56:41 MST
This archive was generated by hypermail 2.2.0 : Fri Dec 04 2009 - 12:00:01 MST