Kinkie wrote:
> On Tue, 2006-01-24 at 14:23 -0200, Fernando Lujan wrote:
>
>> Hi all,
>>
>> I'm researching a way to authenticate users using Samba or Ldap. There
>> problem is that I need to authenticate the users using group policies.
>> Which is the best alternative to implement this behavior?
>>
>
> Authenticate or authorize? As in: "yes, I the server trust that you are
> really user foo\bar" or "yes, given that you are foo\bar you can access
> url http://gazonk.com/"?
>
> The former cannot be done via group policy, the latter can be. Not in
> the "Group policy" sense, but rather in the "check group membership"
> sense.
>
> This is relevant because squid splits authentication from authorization.
> The former can be done via samba's winbind or (if you're running on
> windows using the LSA) or again via ldap against a domain controller,
> the latter is better done via ldap. For the details on "how" please do a
> search on this mailing-list - it's almost a FAQ.
Thanks Kinkie. I'm serarching for the authorization behavior. :)
I found a howto here http://workaround.org/moin/SquidLdap , and I'm
going to use it.
Fernando Lujan
Received on Tue Jan 24 2006 - 12:46:45 MST
This archive was generated by hypermail pre-2.1.9 : Wed Feb 01 2006 - 12:00:01 MST