Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

squid authentication methods
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Other Things Gentoo
View previous topic :: View next topic  
Author Message
plut0
Apprentice
Apprentice


Joined: 21 Dec 2004
Posts: 272
PostPosted: Thu Feb 08, 2007 3:20 am    Post subject: squid authentication methods Reply with quote
Is it possible to authenticate squid against either Active Directory OR local password simultaneously? I'm unfamiliar with how to configure PAM for this.
Back to top
View user's profile Send private message
plut0
Apprentice
Apprentice


Joined: 21 Dec 2004
Posts: 272
PostPosted: Thu Feb 08, 2007 2:00 pm    Post subject: Reply with quote
Found my answer, sufficient is the key word:

/etc/pam.d/squid:

Code:
auth sufficient /lib/security/pam_unix.so shadow nullok
account sufficient /lib/security/pam_unix.so

auth sufficient /lib/security/pam_stack.so service=system-auth-winbind
account sufficient /lib/security/pam_stack.so service=system-auth-winbind



/etc/squid/squid.conf

Code:
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 20
auth_param ntlm keep_alive on

auth_param basic program /usr/libexec/squid/pam_auth
auth_param basic realm Local Authentication
auth_param basic children 5
auth_param basic credentialsttl 2 hours



So users on the domain auth against ntlm_auth and users not on the domain auth against pam_auth. This works on firefox, the first popup prompt is for Active Directory, if you hit cancel the second prompt comes up for local authentication. I can login on the domain or locally in firefox, no problems. With Internet Explorer however, I only get the first prompt and I am unable to login locally. This is going to be a big problem. Anyone have any thoughts or suggestions?
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Other Things Gentoo All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy