Re: [squid-users] squid and W2k/ActiveDirectory

From: Guido Serassio <[email protected]>
Date: Wed, 21 Aug 2002 12:29:06 +0200

Hi,

Il 12.13 21/08/2002 Jakob Curdes ha scritto:
>Now I have two answers.... so this means as long as we run the NT Domain
>services there is no significant change whereas for the native way there
>is no solution yet ? Is this correct ?

You can authenticate on a W2K AD domain in Native or Mixed mode in two modes:

- NTLM, using native NT 4 emulation of AD, this works on native or mixed
mode, but needs Pre-Windows 2000 compatibility activated at first dcpromo
time. If You have any NT4 or 9x working system on Your AD, You are OK.
Both winbindd and old SMB auth works fine on NTLM/AD, but SMB, as says
Henrik is very unstable.

-LDAP, but without IE automatic authentication.

Regards

Guido

>Yours, Jakob Curdes
>
>Henrik Nordstrom wrote:
> >
> > Provided your ActiveDirectory provides NT Domain services for NT clients it
> > should work just fine (NT Domain Services is a requirement for NTLM),
> but you
> > probably will need to use winbind and not the older (unstable) ntlm_auth
> > helper.
> >
> > Note: It is yet unclear how proxy authentication will work in a 100% native
> > MSAD environment only supporting Microsoft Kerberos login methods.
> >
> > Regards
> > Henrik
> >

-
=======================================================
Serassio Guido
Via Albenga, 11/4 10134 - Torino - ITALY
E-mail: guido.serassio@serassio.it
WWW: http://www.serassio.it
Received on Wed Aug 21 2002 - 04:29:12 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:09:46 MST