[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] proxy or ntlm authentication for client in k12ltsp



i am using squid with ntlm authentication, in linux environment. Problem is like if the ltsp server is connected to the internet and the client are able to access the internet, no authentication nothing.

On Fri, Jun 13, 2008 at 2:00 AM, John Lucas <mrjohnlucas gmail com> wrote:
yogesh agrawal wrote:
thanx for ur help, so far we have used winbind to authenticate and have been able to authenticate with the nt server also we have been able to use ssh to authenticate with the domain using PAM, but that is in console.
If u didnt get what i mean then,
if i use ssh username localhost then the localhost ask for password which it authenticate with the nt server.

Now our problem how to integrate it with the gui, i mean log on menu

john: i went through advance proxy, it can help to authenticate the ltsp server with the  domain  server. But my problem is how to authenticate the LTSP client with the domain or proxy server.


What proxy are you currently using? Is it Windows based? I have used LDAP authentication with  Squid, and as I recall each session requires a login. If your proxy assumes that 1 PC == 1 User, then you may have to change proxies to do what you need (1 PC != 1 User).

Peter: i went through the archive but couldnt find any thing, it would be really nice of u if u can direct me further .

Yogesh

On Thu, Jun 12, 2008 at 7:50 PM, John Lucas <mrjohnlucas gmail com <mailto:mrjohnlucas gmail com>> wrote:

   Peter Scheie wrote:

       I think the usual solution is to run a separate proxy box
       between the ltsp server and the internet.  The box runs squid
       which I believe has modules that can be used for authentication
       & authorization, etc.  This question has come up on the list
       before; search the archives by googling for, say, 'web proxy
       site:www.redhat.com/archives/k12osn
       <http://www.redhat.com/archives/k12osn>'.


       Peter


   The "Advanced Proxy" add-on to IPCop can use several authentication
   methods, including LDAP and Windows and it can be part of a
   Firewall/Content-filter/Proxy-caching setup in one box. I am using
   IPCop with several add-ons:

          - URLFilter (version of SquidGuard)- for content filtering
          - BlockOutTraffic for controlling outbound IP traffic
          - Update Accelerator - for caching updates for Apple, Linux and
            Windows (among others).
          - Advanced Proxy (version of Squid) - needed to have both Update
            Accelerator and URLFilter add-ons.

   Just make sure you have machine with adequate RAM and Disk space
   (I'm using a 2.8Ghz P4 with 2GB RAM and 80GB HD).


       yogesh agrawal wrote:

            hi everyone,

           I will try to explain my  problem, in case of LTSP, if the
           server has access to internet all the clients also have
           access to internet. But my problem is i have to give access
           to only authorized person on the client to access net. so
           need some authentication system. At present we use non ltsp
           system which uses ntlm and proxy authentication.
           i cant use mac authentication, coz deployment site  has
           cyber cafe kind of environment, i which user keep on
           changing but the machines r fixed.

           I am really stuck coz of this problem, it would be really
           nice of u if u let me know how to overcome this problem or
           direct me to other sites tht can help.

           best regards
           yogesh


           ------------------------------------------------------------------------

           _______________________________________________
           K12OSN mailing list
           K12OSN redhat com <mailto:K12OSN redhat com>

           https://www.redhat.com/mailman/listinfo/k12osn
           For more info see <http://www.k12os.org>


       _______________________________________________
       K12OSN mailing list
       K12OSN redhat com <mailto:K12OSN redhat com>

       https://www.redhat.com/mailman/listinfo/k12osn
       For more info see <http://www.k12os.org>



   --           "History doesn't repeat itself; at best it rhymes."
                          - Mark Twain

   | John Lucas                MrJohnLucas gmail com
   <mailto:MrJohnLucas gmail com>               |

   | St. Thomas, VI 00802      http://mrjohnlucas.googlepages.com/ |
   | 18.3°N, 65°W              AST (UTC-4)                         |


   _______________________________________________
   K12OSN mailing list
   K12OSN redhat com <mailto:K12OSN redhat com>

   https://www.redhat.com/mailman/listinfo/k12osn
   For more info see <http://www.k12os.org>



------------------------------------------------------------------------

_______________________________________________
K12OSN mailing list
K12OSN redhat com
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>


--
       "History doesn't repeat itself; at best it rhymes."
                       - Mark Twain

| John Lucas                MrJohnLucas gmail com               |
| St. Thomas, VI 00802      http://mrjohnlucas.googlepages.com/ |
| 18.3°N, 65°W              AST (UTC-4)                         |

_______________________________________________
K12OSN mailing list
K12OSN redhat com
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]