1056
Comment:
|
1176
|
Deletions are marked like this. | Additions are marked like this. |
Line 6: | Line 6: |
* Links: [[linux/tinyproxy]] | |
Line 7: | Line 8: |
* http://www.papercut.com/kb/Main/ConfiguringSquidProxyToAuthenticateWithActiveDirectory |
Squid web proxy
Links: linux/tinyproxy
- My goal is to keep notes on how to enable Windows AD authentication on Squid3.x
http://www.papercut.com/kb/Main/ConfiguringSquidProxyToAuthenticateWithActiveDirectory
I joined the domain using "net rpc join -S PDC -U Administrator" # wbinfo -t > checking the trust secret via RPC calls succeeded > # wbinfo -u # wbinfo -g
http://www.cyberciti.biz/faq/squid-ntlm-authentication-configuration-howto/
- Not tested
#auth_param negotiate program /usr/local/squid/bin/ntlm_auth --helper-protocol=gs s-spnego
domain=> [domain] auth_param ntlm program /usr/lib/squid3/ntlm_auth -d domain/serv1 domain/serv2
acl Ip_Block_Range url_regex [0-9]*\.[0-9]*\.[0-9]*\.[0-9]*\:443 http_access deny Ip_Block_Range
Since FTP uses numeric IPs the Skype ACL must be exact including the port.
# Skype acl numeric_IPs url_regex ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+:443 acl Skype_UA browser ^skype^ http_access deny numeric_IPS http_access deny Skype_UA
...