Alex Sharaz wrote:
> but you don't have to have proxy users integrated into the unix accounts. My
> squid caches are basically black boxes with 2 userids on it. My own and a
> colleague in the computer centre. The "squid" file in /etc/pam.d just says
> "authenticate to openldap" there is no reference to local user as found in
> /etc/passwd or nis or whatever else you would normaly use so if a user with a
> userid of FredBloggs tries to use the cache as long as his userid is in our ldap
> database it all works
Normally you need the user to exists in NSS for PAM to work.. what does
your /etc/nsswitch.conf say?
> Would there be any performance hits using pam instead of a squid ldap module? I
> must admit that I've only got about 20 people authenticating to our caches and
> as there are 4 of them connected to a load balancing switch there's notmuch
> going on at the moment :-))
The performance should be slightly better with the native module, but it
is marginal.
Regards
Henrik
Received on Thu Feb 13 2003 - 03:47:06 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:22 MST