[K12OSN] A different authentication issue
barry at yellowdog.com
Thu Apr 15 17:02:17 UTC 2004
NDS and squid
We used to have a Bordermanager box and would control access to the net
through NDS groups. Essentially, if you were in the "Internet_Users"
group then BorderManager let you use the net. It worked very well for 3
or 4 years.
We now use squid proxy and have it authenticate to Novell through LDAP.
Read this pdf for the general details:
Check last weeks archives from this newsgroup, too. I had described how
we use squid to authenticate users from the very same "Internet_Users"
group that we used for BorderManager.
The only difference squid made for the users is that now they have to
authenticate when a browser is opened for the first time. Bordermanager
handled that task for them in the background. Luckily, though, the
authentication squid asks for is the exact same name and password that
they use to login to Netware.
We don't have a particulary computer literate group of users where I
work yet there were very few issues getting people up and running. When
some of them whinned about the extra effort, we just told them that the
money saved by changing to the new product will probably go towards
savings somebody's job. That made most of them reasonably tolerant of
the new authentication "hassle".
Squid has been our primary proxy for about 8 months now. It would be a
tough call to say which system (squid or BorderManager) was faster or
had better uptime. They both are excellent.
More information about the K12OSN