This document covers the setup of a Squid proxy that integrates seamlessly with Active Directory for authentication, using Kerberos with LDAP as a backup for users not authenticated via Kerberos. Authorisation is managed by groups in Active Directory. This is especially useful for Windows 7 clients, which no longer support NTLMv2 without changing the local computer policy. The proxy can also use white lists and black lists to allow or restrict site access.
This guide uses the following example values; update any sections with the client's domain, hostnames and IPs where necessary.
Domain = example.local
Subnet = 192.168.0.0/24
Proxy Server: IP = 192.168.0.26, HOSTNAME = squidproxy.example.local
Windows Server 1: IP = 192.168.0.1, HOSTNAME = domaincontroller1.example.local
Windows Server 2: IP = 192.168.0.10, HOSTNAME = server2.example.local
A base install of Debian Squeeze is assumed as well as basic Debian administration skills. vi is assumed as the text editor.