Re: [squid-users] AD Ldap (automatically take the user that is logging on PC)

Hi. Im having problems with Kerberos. I cannot do the keytab... kinit squid (all good) - klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: sq...@xxx.lan Valid starting Expires

Re: [squid-users] AD Ldap (automatically take the user that is logging on PC)

On 20/08/2016 7:13 a.m., erdosain9 wrote: > For eg., in all the config that i read is necessary a file call something > like squid.keytab... > its possible just make a user in AD like "squid", and then just log the > squid in the Ad??? or is mandatory generating this file??? > thanks Perhapse you

Re: [squid-users] AD Ldap (automatically take the user that is logging on PC)

For eg., in all the config that i read is necessary a file call something like squid.keytab... its possible just make a user in AD like "squid", and then just log the squid in the Ad??? or is mandatory generating this file??? thanks -- View this message in context: http://squid-web-proxy-cache.

Re: [squid-users] AD Ldap (automatically take the user that is logging on PC)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Sorry, this is not to me. My setups works without any authentication, just transparent interception. :) 20.08.2016 0:16, erdosain9 пишет: > :-) > lol > > This is the krb5.conf in the AD. > [libdefaults] > default_realm = EPRUEBA.LAN >

Re: [squid-users] AD Ldap (automatically take the user that is logging on PC)

:-) lol This is the krb5.conf in the AD. [libdefaults] default_realm = EPRUEBA.LAN dns_lookup_realm = false dns_lookup_kdc = true ~ just that. the admin of the AD, tell me that squid need to authenticate with Kerberos to have all other conf

Re: [squid-users] AD Ldap (automatically take the user that is logging on PC)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 https://www.google.com/search?q=Kerberos+%28Heimdal%29+configuring 19.08.2016 21:20, erdosain9 пишет: > Kerberos (Heimdal) -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJXtykTAAoJENNXIZxhPexG3yUH/3wOl8nd6OAtfWVcCKYvDqFS A2aAiVL

Re: [squid-users] AD Ldap (automatically take the user that is logging on PC)

Hi. Could give me a link for configuring Kerberos (Heimdal) ???. I can not find tutorials about it. Thanks! -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/AD-Ldap-automatically-take-the-user-that-is-logging-on-PC-tp4678994p4679045.html Sent from the Squid -

Re: [squid-users] AD Ldap (automatically take the user that is logging on PC)

On Thu, Aug 18, 2016 at 04:45:54PM +1200, Amos Jeffries wrote: > > IIRC, there is a setting somewhere called "Use Windows Integrated > Authentication" that sometimes has to be enabled for SSO to work with > non-Microsoft designed authentication schemes. > Not in my experience - if you have "Use

Re: [squid-users] AD Ldap (automatically take the user that is logging on PC)

On 18/08/2016 12:11 p.m., brendan kearney wrote: > You want Kerberos and/or NTLM authentication for Single Sign On. That is a myth. SSO is simply a way of building the system so that the credentials used for machine login work when sent to the proxy and other services. If you don't build the syste

Re: [squid-users] AD Ldap (automatically take the user that is logging on PC)

:squid-users-boun...@lists.squid-cache.org] On Behalf Of brendan kearney Sent: Thursday, August 18, 2016 2:12 AM To: erdosain9 Cc: Squid Users Subject: Re: [squid-users] AD Ldap (automatically take the user that is logging on PC) You want Kerberos and/or NTLM authentication for Single Sign On.

Re: [squid-users] AD Ldap (automatically take the user that is logging on PC)

so.. there is no way to do that with ldap? :-( -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/AD-Ldap-automatically-take-the-user-that-is-logging-on-PC-tp4678994p4679001.html Sent from the Squid - Users mailing list archive at

Re: [squid-users] AD Ldap (automatically take the user that is logging on PC)

You want Kerberos and/or NTLM authentication for Single Sign On. These authentication methods automatically provide credentials when browser are configured and the necessary network services are running. On Aug 17, 2016 6:30 PM, "erdosain9" wrote: > lol > no, for all the ACL. > vip and control.

Re: [squid-users] AD Ldap (automatically take the user that is logging on PC)

lol no, for all the ACL. vip and control... that no users need to enter username and password ... (only to log on to the PC, but do not have to put username and password in the browser).. for all. (i dont speak english.) -- View this message in context: http://squid-web-pro

Re: [squid-users] AD Ldap (automatically take the user that is logging on PC)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Vips do not want enter username and password? :) 18.08.2016 2:58, erdosain9 пишет: > Hi > Squid configured to authenticate with AD with LDAP. this is the relevant > configuration. > > > # Active Directory > auth_param basic program /usr/lib64/squ

[squid-users] AD Ldap (automatically take the user that is logging on PC)

Hi Squid configured to authenticate with AD with LDAP. this is the relevant configuration. # Active Directory auth_param basic program /usr/lib64/squid/basic_ldap_auth -R -b "cn=Users,dc=example,dc=lan" -D sq...@example.lan -w pass -f sAMAccountName=%s -v 3 -s sub -h 192.168.1.60 auth_param basi