[K12OSN] proxy or ntlm authentication for client in k12ltsp

John Lucas mrjohnlucas at gmail.com
Thu Jun 12 20:15:28 UTC 2008 

yogesh agrawal wrote:
> thanx for ur help, so far we have used winbind to authenticate and have 
> been able to authenticate with the nt server also we have been able to 
> use ssh to authenticate with the domain using PAM, but that is in console.
> If u didnt get what i mean then,
> if i use ssh username at localhost then the localhost ask for password 
> which it authenticate with the nt server.
> 
> Now our problem how to integrate it with the gui, i mean log on menu
> 
> john: i went through advance proxy, it can help to authenticate the ltsp 
> server with the  domain  server. But my problem is how to authenticate 
> the LTSP client with the domain or proxy server.
> 

What proxy are you currently using? Is it Windows based? I have used 
LDAP authentication with  Squid, and as I recall each session requires a 
login. If your proxy assumes that 1 PC == 1 User, then you may have to 
change proxies to do what you need (1 PC != 1 User).

> Peter: i went through the archive but couldnt find any thing, it would 
> be really nice of u if u can direct me further .
> 
> Yogesh
> 
> On Thu, Jun 12, 2008 at 7:50 PM, John Lucas <mrjohnlucas at gmail.com 
> <mailto:mrjohnlucas at gmail.com>> wrote:
> 
>     Peter Scheie wrote:
> 
>         I think the usual solution is to run a separate proxy box
>         between the ltsp server and the internet.  The box runs squid
>         which I believe has modules that can be used for authentication
>         & authorization, etc.  This question has come up on the list
>         before; search the archives by googling for, say, 'web proxy
>         site:www.redhat.com/archives/k12osn
>         <http://www.redhat.com/archives/k12osn>'.
> 
>         Peter
> 
> 
>     The "Advanced Proxy" add-on to IPCop can use several authentication
>     methods, including LDAP and Windows and it can be part of a
>     Firewall/Content-filter/Proxy-caching setup in one box. I am using
>     IPCop with several add-ons:
> 
>            - URLFilter (version of SquidGuard)- for content filtering
>            - BlockOutTraffic for controlling outbound IP traffic
>            - Update Accelerator - for caching updates for Apple, Linux and
>              Windows (among others).
>            - Advanced Proxy (version of Squid) - needed to have both Update
>              Accelerator and URLFilter add-ons.
> 
>     Just make sure you have machine with adequate RAM and Disk space
>     (I'm using a 2.8Ghz P4 with 2GB RAM and 80GB HD).
> 
> 
>         yogesh agrawal wrote:
> 
>              hi everyone,
> 
>             I will try to explain my  problem, in case of LTSP, if the
>             server has access to internet all the clients also have
>             access to internet. But my problem is i have to give access
>             to only authorized person on the client to access net. so
>             need some authentication system. At present we use non ltsp
>             system which uses ntlm and proxy authentication.
>             i cant use mac authentication, coz deployment site  has
>             cyber cafe kind of environment, i which user keep on
>             changing but the machines r fixed.
> 
>             I am really stuck coz of this problem, it would be really
>             nice of u if u let me know how to overcome this problem or
>             direct me to other sites tht can help.
> 
>             best regards
>             yogesh
> 
> 
>             ------------------------------------------------------------------------
> 
>             _______________________________________________
>             K12OSN mailing list
>             K12OSN at redhat.com <mailto:K12OSN at redhat.com>
>             https://www.redhat.com/mailman/listinfo/k12osn
>             For more info see <http://www.k12os.org>
> 
> 
>         _______________________________________________
>         K12OSN mailing list
>         K12OSN at redhat.com <mailto:K12OSN at redhat.com>
>         https://www.redhat.com/mailman/listinfo/k12osn
>         For more info see <http://www.k12os.org>
> 
> 
> 
>     -- 
>            "History doesn't repeat itself; at best it rhymes."
>                            - Mark Twain
> 
>     | John Lucas                MrJohnLucas at gmail.com
>     <mailto:MrJohnLucas at gmail.com>               |
>     | St. Thomas, VI 00802      http://mrjohnlucas.googlepages.com/ |
>     | 18.3°N, 65°W              AST (UTC-4)                         |
> 
> 
>     _______________________________________________
>     K12OSN mailing list
>     K12OSN at redhat.com <mailto:K12OSN at redhat.com>
>     https://www.redhat.com/mailman/listinfo/k12osn
>     For more info see <http://www.k12os.org>
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>


-- 
         "History doesn't repeat itself; at best it rhymes."
                         - Mark Twain

| John Lucas                MrJohnLucas at gmail.com               |
| St. Thomas, VI 00802      http://mrjohnlucas.googlepages.com/ |
| 18.3°N, 65°W              AST (UTC-4)                         |

More information about the K12OSN mailing list