Univention Bugzilla – Bug 32373
add gss-spnego (kerberos) support to squid_ldap_ntlm_auth
Last modified: 2015-02-10 14:39:42 CET
+++ This bug was initially created as a clone of Bug #31972 +++ The changes here should be merged to UCS 3.2 +++ This bug was initially created as a clone of Bug #31967 +++ We should gss-spnego (kerberos) support to squid_ldap_ntlm_auth than we activate squid negotiate: # auth negotiate auth_param negotiate program /usr/lib/squid3/squid_ldap_ntlm_auth --debug --gss-spnego auth_param negotiate children 10 Linux user with a keberos ticket than can authenticate to the squid server without a password prompt. Windows user with a ticket (samba4) also Windows user without a ticket (samba3) can also authenticate without a password because then windows does ntlm over negotiate.
Kerberos authentication if already documented: http://docs.univention.de/manual-3.2.html#proxy:userauth
OK
Nothing to release