Netgate Discussion Forum

    Squid + OpenLDAP groups with single sign on/passthrough auth

      workingman

      Hi all,

      I've been asked to attempt a setup as described in the subject line.

      The LDAP is running on an OSX server and I have been able to get squid to do user-based LDAP auth.

      Problems I have are:

      1. the login popup in the browser (I have seen many docs saying the OS should share credentials but haven't been able to get that working)
      2. groups acl for ease of black/whitelisting the execs vs staff

      Ideally I would have no IP based rules, just one login to the machine and whatever OS it is (we have Win7, OSX and CentOS) would pass the credentials on to squid.

      Anyone fought this fight before and won?

      TIA…

        workingman

        Hi all,

        I found out today that they're not opposed to replacing the OSX OpenLDAP if it is causing more problems than it's solving, since it seems to be only doing half the job and then only really controlling the OSX machines.

        So I'm currently cooking up a Debian virtual machine to try to prove that it can/should be replaced.

        Could anyone suggest the best approach? I'd like to stay away from a Win AD setup if possible but if I must then maybe I must…

        Thanks!
