[K12OSN] proxy or ntlm authentication for client in k12ltsp
John Lucas
mrjohnlucas at gmail.com
Thu Jun 12 20:15:28 UTC 2008
yogesh agrawal wrote:
> thanx for ur help, so far we have used winbind to authenticate and have
> been able to authenticate with the nt server also we have been able to
> use ssh to authenticate with the domain using PAM, but that is in console.
> If u didnt get what i mean then,
> if i use ssh username at localhost then the localhost ask for password
> which it authenticate with the nt server.
>
> Now our problem how to integrate it with the gui, i mean log on menu
>
> john: i went through advance proxy, it can help to authenticate the ltsp
> server with the domain server. But my problem is how to authenticate
> the LTSP client with the domain or proxy server.
>
What proxy are you currently using? Is it Windows based? I have used
LDAP authentication with Squid, and as I recall each session requires a
login. If your proxy assumes that 1 PC == 1 User, then you may have to
change proxies to do what you need (1 PC != 1 User).
> Peter: i went through the archive but couldnt find any thing, it would
> be really nice of u if u can direct me further .
>
> Yogesh
>
> On Thu, Jun 12, 2008 at 7:50 PM, John Lucas <mrjohnlucas at gmail.com
> <mailto:mrjohnlucas at gmail.com>> wrote:
>
> Peter Scheie wrote:
>
> I think the usual solution is to run a separate proxy box
> between the ltsp server and the internet. The box runs squid
> which I believe has modules that can be used for authentication
> & authorization, etc. This question has come up on the list
> before; search the archives by googling for, say, 'web proxy
> site:www.redhat.com/archives/k12osn
> <http://www.redhat.com/archives/k12osn>'.
>
> Peter
>
>
> The "Advanced Proxy" add-on to IPCop can use several authentication
> methods, including LDAP and Windows and it can be part of a
> Firewall/Content-filter/Proxy-caching setup in one box. I am using
> IPCop with several add-ons:
>
> - URLFilter (version of SquidGuard)- for content filtering
> - BlockOutTraffic for controlling outbound IP traffic
> - Update Accelerator - for caching updates for Apple, Linux and
> Windows (among others).
> - Advanced Proxy (version of Squid) - needed to have both Update
> Accelerator and URLFilter add-ons.
>
> Just make sure you have machine with adequate RAM and Disk space
> (I'm using a 2.8Ghz P4 with 2GB RAM and 80GB HD).
>
>
> yogesh agrawal wrote:
>
> hi everyone,
>
> I will try to explain my problem, in case of LTSP, if the
> server has access to internet all the clients also have
> access to internet. But my problem is i have to give access
> to only authorized person on the client to access net. so
> need some authentication system. At present we use non ltsp
> system which uses ntlm and proxy authentication.
> i cant use mac authentication, coz deployment site has
> cyber cafe kind of environment, i which user keep on
> changing but the machines r fixed.
>
> I am really stuck coz of this problem, it would be really
> nice of u if u let me know how to overcome this problem or
> direct me to other sites tht can help.
>
> best regards
> yogesh
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com <mailto:K12OSN at redhat.com>
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
>
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com <mailto:K12OSN at redhat.com>
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
>
>
>
> --
> "History doesn't repeat itself; at best it rhymes."
> - Mark Twain
>
> | John Lucas MrJohnLucas at gmail.com
> <mailto:MrJohnLucas at gmail.com> |
> | St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ |
> | 18.3°N, 65°W AST (UTC-4) |
>
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com <mailto:K12OSN at redhat.com>
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
--
"History doesn't repeat itself; at best it rhymes."
- Mark Twain
| John Lucas MrJohnLucas at gmail.com |
| St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ |
| 18.3°N, 65°W AST (UTC-4) |
More information about the K12OSN
mailing list