Hey,

I am currently running Squid through my IPcop firewall box and would like it to authenticate users VIA LDAP to Active Directory. I would like to set it up so if a user in my AD tree is a part of httpdisabled group then Squid will block all traffic to the net for thouse users. Also I would like it so the users in my AD tree have to login to the proxy so its easyer to track who is doing what rather the ip of the system. So if Joe.Test goes on the net he has to login with Joe.Test for the proxy which will authenticate with his AD password.

If squid has to be installed on another system seperately from IPcop i will do this as well if needed.

If anyone knows any tutorials on how to do this or has any tips please let me know.

Thank you,

hi there,

one option is to use squid with PAM authenification and then alter your /etc/pam.d/squid file to get information from Active Directory

http://www.yourhowto.org/content/view/34/9/ - Linux client to authenticate against ADS via pam & LDAP

http://www.yourhowto.org/content/view/4/9/ - squid with pam authentication

The other option of course is NTLM with squid

http://www.yourhowto.org/content/view/26/9/ - Squid With NTLM authentication

that will transpartly get the username from users that are logged into the domain.

Thanks info I will give it a try when I get a chance and see how it goes.