[K12OSN] proxy or ntlm authentication for client in k12ltsp
yogesh agrawal
getyogi at gmail.com
Thu Jun 12 20:37:05 UTC 2008
i am using squid with ntlm authentication, in linux environment. Problem is
like if the ltsp server is connected to the internet and the client are able
to access the internet, no authentication nothing.
On Fri, Jun 13, 2008 at 2:00 AM, John Lucas <mrjohnlucas at gmail.com> wrote:
> yogesh agrawal wrote:
>
>> thanx for ur help, so far we have used winbind to authenticate and have
>> been able to authenticate with the nt server also we have been able to use
>> ssh to authenticate with the domain using PAM, but that is in console.
>> If u didnt get what i mean then,
>> if i use ssh username at localhost then the localhost ask for password which
>> it authenticate with the nt server.
>>
>> Now our problem how to integrate it with the gui, i mean log on menu
>>
>> john: i went through advance proxy, it can help to authenticate the ltsp
>> server with the domain server. But my problem is how to authenticate the
>> LTSP client with the domain or proxy server.
>>
>>
> What proxy are you currently using? Is it Windows based? I have used LDAP
> authentication with Squid, and as I recall each session requires a login.
> If your proxy assumes that 1 PC == 1 User, then you may have to change
> proxies to do what you need (1 PC != 1 User).
>
> Peter: i went through the archive but couldnt find any thing, it would be
>> really nice of u if u can direct me further .
>>
>> Yogesh
>>
>> On Thu, Jun 12, 2008 at 7:50 PM, John Lucas <mrjohnlucas at gmail.com<mailto:
>> mrjohnlucas at gmail.com>> wrote:
>>
>> Peter Scheie wrote:
>>
>> I think the usual solution is to run a separate proxy box
>> between the ltsp server and the internet. The box runs squid
>> which I believe has modules that can be used for authentication
>> & authorization, etc. This question has come up on the list
>> before; search the archives by googling for, say, 'web proxy
>> site:www.redhat.com/archives/k12osn
>> <http://www.redhat.com/archives/k12osn>'.
>>
>>
>> Peter
>>
>>
>> The "Advanced Proxy" add-on to IPCop can use several authentication
>> methods, including LDAP and Windows and it can be part of a
>> Firewall/Content-filter/Proxy-caching setup in one box. I am using
>> IPCop with several add-ons:
>>
>> - URLFilter (version of SquidGuard)- for content filtering
>> - BlockOutTraffic for controlling outbound IP traffic
>> - Update Accelerator - for caching updates for Apple, Linux and
>> Windows (among others).
>> - Advanced Proxy (version of Squid) - needed to have both Update
>> Accelerator and URLFilter add-ons.
>>
>> Just make sure you have machine with adequate RAM and Disk space
>> (I'm using a 2.8Ghz P4 with 2GB RAM and 80GB HD).
>>
>>
>> yogesh agrawal wrote:
>>
>> hi everyone,
>>
>> I will try to explain my problem, in case of LTSP, if the
>> server has access to internet all the clients also have
>> access to internet. But my problem is i have to give access
>> to only authorized person on the client to access net. so
>> need some authentication system. At present we use non ltsp
>> system which uses ntlm and proxy authentication.
>> i cant use mac authentication, coz deployment site has
>> cyber cafe kind of environment, i which user keep on
>> changing but the machines r fixed.
>>
>> I am really stuck coz of this problem, it would be really
>> nice of u if u let me know how to overcome this problem or
>> direct me to other sites tht can help.
>>
>> best regards
>> yogesh
>>
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> K12OSN mailing list
>> K12OSN at redhat.com <mailto:K12OSN at redhat.com>
>> https://www.redhat.com/mailman/listinfo/k12osn
>> For more info see <http://www.k12os.org>
>>
>>
>> _______________________________________________
>> K12OSN mailing list
>> K12OSN at redhat.com <mailto:K12OSN at redhat.com>
>> https://www.redhat.com/mailman/listinfo/k12osn
>> For more info see <http://www.k12os.org>
>>
>>
>>
>> -- "History doesn't repeat itself; at best it rhymes."
>> - Mark Twain
>>
>> | John Lucas MrJohnLucas at gmail.com
>> <mailto:MrJohnLucas at gmail.com> |
>> | St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ |
>> | 18.3°N, 65°W AST (UTC-4) |
>>
>>
>> _______________________________________________
>> K12OSN mailing list
>> K12OSN at redhat.com <mailto:K12OSN at redhat.com>
>> https://www.redhat.com/mailman/listinfo/k12osn
>> For more info see <http://www.k12os.org>
>>
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> K12OSN mailing list
>> K12OSN at redhat.com
>> https://www.redhat.com/mailman/listinfo/k12osn
>> For more info see <http://www.k12os.org>
>>
>
>
> --
> "History doesn't repeat itself; at best it rhymes."
> - Mark Twain
>
> | John Lucas MrJohnLucas at gmail.com |
> | St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ |
> | 18.3°N, 65°W AST (UTC-4) |
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/k12osn/attachments/20080613/ed434138/attachment.htm>
More information about the K12OSN
mailing list