[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Re: [suse-security] Squid Update ?
Am Donnerstag, 23. Oktober 2003 17:04 schrieb André Sänger:
> Hello Roman,
> Thursday, October 23, 2003, 4:16:01 PM, you wrote:
> > impossible, you mean ftp.suse.com.
> Sorry, you´re right.
> > Please simply try it out.
> As I told I did that and it works. I just wondered if it was the
> proper way to do it.
> Although I found two external helpers to do the job
> wbinfo_group matches users to NT groups using wbinfo
> winbind_group matches users to NT groups using winbind
> neither of them is included in the squid binary rpm.
> Just wondered if there was a reason for that (they are available in
> squid-2.5.STABLE1-63.src.rpm). Or maybe some other way SuSE thought
> of for that functionality.
> So I just tried using wbinfo_group.pl manually.
we are using this together with several Active directory server for
authentication, but i never found an rpm.
You have to compile a new version of squid (--with-ntlm-auth and
--with-wb_group or so...), install a recent samba version, start the
winbind server and try it out!
By far the trickiest parts were:
- entering the ad domain, receiving and keeping (even after ads reboot!)
a trusted position (vertrauensstellung, i don't know the english word)
how did anybody else solve this? i'm not content with the skript we
have, because there's a password in it.
The Problem is after the ads server reboots, it forgets that the linux
host is a trusted host and therefore no auth data is being sent
- finding the exact syntax for wb_group
- integrating the self-compiled squid in webmin for admin purposes.
however, it works, but it's not trivial.
> Best regards,
> André mailto:Andre.Saenger@xxxxxx
Mit freundlichen Grüßen
Linux Solutions, Training, Seminare und Workshops - auch Inhouse
Feilner IT Linux & GIS Erlangerstr. 2 93059 Regensburg
fon: +49 941 70 65 23 - mobil: +49 170 302 709 2
web: http://feilner-it.net mail: mfeilner@xxxxxxxxxxxxxx
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here