[Freeipa-users] (trust domain AD)
Ing. Adrian Hernández Yeja
ayeja at uci.cu
Wed Dec 21 20:59:56 UTC 2016
Hi Youenn, thanks for your quick response. Actually I need to create a trust domain with an AD for disable NTLM auth and take advantage of FreeIPA. I thought to use Kerberos instead NTLM. It is possible to create a trust domain with AD and authenticate users with LDAP (FreeIPA)?
----- Mensaje original -----
De: "Youenn PIOLET" <piolet.y at gmail.com>
Para: "Ing. Adrian Hernández Yeja" <ayeja at uci.cu>
CC: freeipa-users at redhat.com
Enviados: Miércoles, 21 de Diciembre 2016 13:05:30
Asunto: Re: [Freeipa-users] (no subject)
Hi Adrian,
You can use basic_ldap_auth to connect to FreeIPA using LDAP instead of negotiate_kerberos_auth :
auth_param basic program /usr/lib/squid3/basic_ldap_auth -R \
-b "cn=accounts,dc=example,dc=com" \
-f uid=%s -h <freeipa-server> -ZZ
auth_param basic children 10
auth_param basic realm infra.msv
auth_param basic credentialsttl 30 second
Regards,
--
Youenn Piolet
piolet.y at gmail.com
2016-12-21 17:53 GMT+01:00 Ing. Adrian Hernández Yeja < ayeja at uci.cu > :
Hi folks, I need authenticate my users against a squid proxy server using FreeIPA. I know is possible ( https://www.freeipa.org/page/Squid_Integration_with_FreeIPA_using_Single_Sign_On ) but my users are not necessarily authenticated in a FreeIPA domain, so my question is if it's possible to allow this requirement either a third application or a specific configuration.
Regards.
La @universidad_uci es Fidel. Los jóvenes no fallaremos.
#HastaSiempreComandante
#HastalaVictoriaSiempre
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
La @universidad_uci es Fidel. Los jóvenes no fallaremos.
#HastaSiempreComandante
#HastalaVictoriaSiempre
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20161221/ba3b058b/attachment.htm>
More information about the Freeipa-users
mailing list