[Freeipa-users] (trust domain AD)

[Ing. Adrian Hernández Yeja]

Hi Youenn, thanks for your quick response. Actually I need to create a trust domain with an AD for disable NTLM auth and take advantage of FreeIPA. I thought to use Kerberos instead NTLM. It is possible to create a trust domain with AD and authenticate users with LDAP (FreeIPA)? 

----- Mensaje original -----

De: "Youenn PIOLET" <piolet.y at gmail.com> 
Para: "Ing. Adrian Hernández Yeja" <ayeja at uci.cu> 
CC: freeipa-users at redhat.com 
Enviados: Miércoles, 21 de Diciembre 2016 13:05:30 
Asunto: Re: [Freeipa-users] (no subject) 

Hi Adrian, 

You can use basic_ldap_auth to connect to FreeIPA using LDAP instead of negotiate_kerberos_auth : 
auth_param basic program /usr/lib/squid3/basic_ldap_auth -R \ 
-b "cn=accounts,dc=example,dc=com" \ 
-f uid=%s -h <freeipa-server> -ZZ 
auth_param basic children 10 
auth_param basic realm infra.msv 
auth_param basic credentialsttl 30 second 
Regards, 

-- 
Youenn Piolet 
piolet.y at gmail.com 


2016-12-21 17:53 GMT+01:00 Ing. Adrian Hernández Yeja < ayeja at uci.cu > : 


Hi folks, I need authenticate my users against a squid proxy server using FreeIPA. I know is possible ( https://www.freeipa.org/page/Squid_Integration_with_FreeIPA_using_Single_Sign_On ) but my users are not necessarily authenticated in a FreeIPA domain, so my question is if it's possible to allow this requirement either a third application or a specific configuration. 

Regards. 

La @universidad_uci es Fidel. Los jóvenes no fallaremos. 
#HastaSiempreComandante 
#HastalaVictoriaSiempre 

-- 
Manage your subscription for the Freeipa-users mailing list: 
https://www.redhat.com/mailman/listinfo/freeipa-users 
Go to http://freeipa.org for more info on the project 





La @universidad_uci es Fidel. Los jóvenes no fallaremos.
#HastaSiempreComandante
#HastalaVictoriaSiempre

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20161221/ba3b058b/attachment.htm>