[wellylug] LDAP info

David Harrison david.harrison at stress-free.co.nz
Tue Sep 18 10:33:22 NZST 2007


Getting Squid to use NTLM authentication sounds like the best place  
to start.
http://mkeadle.org/?p=13

This way Squid will authenticate to Samba which itself will be part  
of the ActiveDirectory domain (if that is how the 2003 server is  
configured).

It won't solve your postfix problem but it is a start that will get  
you moving down the right track.
That is assuming of you want to Windows 2003 server to be the primary  
source for identity information.


David



On 18/09/2007, at 4:35 AM, nic wrote:

> There's a bunch of users with Windows desktops, a Windows 2003  
> server, a Linux box with
> postfix and squid, people currently have separate passwords for  
> logging on to Windows, in
> to mail, and on to squid. In addition some people have passwords  
> for specialised network
> devices, and/or browser-based apps on some apache servers  
> (typically written in PHP or
> Python, with source available), PPTP access and probably a million  
> other things I've
> forgotten.
>
> LDAP is the thing that comes to mind when I think about ways of  
> trying to manage this
> complexity and move towards a single sign on, (preferably using PKI  
> rater than passwords,
> but that's another step). Trouble is, I don't really even know the  
> questions to ask to get
> me on the way, hence the ill-defined nature of the original post.
>
> Does LDAP sound like the right type of tool to use in this case? Is  
> it better to use the
> Windows AD LDAP, or a separate server? Am I being naive in thinking  
> it would be possible
> to get down to a single authentication system and a single password/ 
> key for the majority
> of users? has anyone out there done this sort of thing and are they  
> willing to sell/give
> some advice?
>
> Nic
>
> Cliff Pratt wrote:
>> nic wrote:
>>> Hi people
>>>
>>> What's a good book (or other info) on how to implement LDAP for
>>> enterprise authentication? I'm particularly interested in how to tie
>>> it in with Windows
>>>
>> Windows Active Directory contains an LDAP server. Do you want to use
>> that for authentication? Or do you want to authenticate Windows users
>> using LDAP in a workgroup situation?
>>
>> Cheers,
>>
>> Cliff
>>
>>
>
>
> -- 
> Wellington Linux Users Group Mailing List:  
> wellylug at lists.wellylug.org.nz
> To Leave:  http://lists.wellylug.org.nz/mailman/listinfo/wellylug




More information about the wellylug mailing list