EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Friday 27 December 2024, 09:32:34 pm
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
The Latest Endian Firewall is now available for download
HERE
14262
Posts in
4377
Topics by
6517
Members
Latest Member:
Sandro
Search:
Advanced search
EFW Support
Development
Contribute Your Customisations & Modifications
Transparent Edirectory Authentication
0 Members and 0 Guests are viewing this topic.
« previous
next »
Pages:
[
1
]
Author
Topic: Transparent Edirectory Authentication (Read 54019 times)
martman22
Full Member
Offline
Posts: 27
Transparent Edirectory Authentication
«
on:
Thursday 09 December 2010, 06:20:17 am »
Hi,
Here are some instructions for setting up transparent edirectory authentication with Endian 2.4. It seems to work well and content filtering and the other options are still selectable and function. I was not able to get LDAP ssl working for this, but since the transparent check does not need passwords it may not be needed. Also since I am not a perl or cgi programmer by trade I did not enable multiple edirectory groups. If you are a programmer and can make those few changes for selecting groups it would be appreciated.
It would be great if the endian team would consider adding this authentication type as a standard feature in a future release.
Note: This add-on allows users logged into an edirectory server to access the http proxy without a login prompt.
!!Update: Updated instructions for secure authentication and also tips on redundancy for auth and proxy server using dns.
Logged
mrkroket
Hero Member
Offline
Posts: 495
Re: Transparent Edirectory Authentication
«
Reply #1 on:
Friday 10 December 2010, 03:01:02 am »
Very very interesting, thanks. żIs there some setup to do the same with Active Directory?
Logged
martman22
Full Member
Offline
Posts: 27
Re: Transparent Edirectory Authentication
«
Reply #2 on:
Friday 10 December 2010, 05:33:04 am »
Looks like you already have that in NTLM AD authentication.
Logged
mrkroket
Hero Member
Offline
Posts: 495
Re: Transparent Edirectory Authentication
«
Reply #3 on:
Tuesday 14 December 2010, 04:30:01 am »
It's not the same. I've been testing with non-transparent proxy, and it's more problematic than transparent one.
Although it correctly filter out https, I have problems with some programs and some services.
Logged
martman22
Full Member
Offline
Posts: 27
Re: Transparent Edirectory Authentication
«
Reply #4 on:
Tuesday 14 December 2010, 12:26:15 pm »
I hope we are not confusing transparent proxy with transparent authentication where a user does not need to login per say. This will only work with a non-transparent proxy as far as I know. This add-on feature is the latter. Sorry for the confusion.
Logged
martman22
Full Member
Offline
Posts: 27
Re: Transparent Edirectory Authentication
«
Reply #5 on:
Tuesday 22 February 2011, 12:15:00 am »
A quick modifications.
Corrected the squid template file to fix a problem with the antivirus not linking with the transparent proxy. I also shortened the fall back authentication to a single line in squid conf.
Logged
martman22
Full Member
Offline
Posts: 27
Re: Transparent Edirectory Authentication
«
Reply #6 on:
Saturday 21 May 2011, 12:41:26 am »
This mod should also work with version 2.4.1 - follow the directions with the following exception: make the script change to proxypolicy.cgi instead of proxyconfig.cgi.
Logged
whoiam55
Full Member
Offline
Posts: 71
Re: Transparent Edirectory Authentication - Updated
«
Reply #7 on:
Thursday 23 June 2011, 01:05:51 am »
Nice one, thanks you very much
Logged
सत्यमेव जयते!
martman22
Full Member
Offline
Posts: 27
Re: Transparent Edirectory Authentication - Updated
«
Reply #8 on:
Friday 02 September 2011, 04:55:54 am »
FYI.
For eDir=> 8.8 on Linux Suse server change the following line in squid_edir_iplookup.pl :
$netaddress="1\#";
to
$netaddress=sprintf("9\#%c%c",0,0);
Logged
martman22
Full Member
Offline
Posts: 27
Re: Transparent Edirectory Authentication
«
Reply #9 on:
Saturday 12 November 2011, 06:22:36 am »
Here is an update to the squid helper app that will work with both types of edirectory servers. Change the name of this script to the same as in your squid.conf before using. And of course modify it with your correct edirectory parameters.
Logged
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.094 seconds with 18 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com