Smoothwall and Active Directory

Asha'man X

Hey everyone

I have a question about Smoothwall, more specifically about how to get it, along with the Advanced Proxy Mod, to authenticate against an Active Directory server.

I was at my old high school today, and I switched them from IPCop to Smoothwall, as it's a much more active project. I installed Advanced Proxy, which works well. The school has been using local authentication on the previous IPCop box itself, which isn't all that useful when trying to track users.

Now Advanced Proxy has an option to authenticate users via LDAP, which works with AD. However, despite following the manual to the letter, I was unable to get the proxy to authenticate users. After entering username and password, the browser would just "hang", trying to retrieve a page. That leads me to suspect that the authentication is perhaps not really happening.

Has anyone ever gotten this to work? I know it's possible to authenticate against AD; I set that up at my ex job with a plain Linux box. I'm going to try by playing with virtual machines, but if anyone has any experience and solutions, I would appreciate it.

Thanks :)
 
Fire up a situation and let it fail, pay close attention to the log output and google further.

Also check the logs on the AD server. Perhaps there is some juicy information there.

That's what I would do.
 
Some progress: by playing around in virtual machines, and searching Google, I think I may have hit on the problem. It appears that the LDAP information isn't correct, as a quick check proved to me. In the base DN field, I changed cn=Users to ou=Users, and authentication went through.

Looking in the squid cache log, whenever the setting is cn=Users, the LDAP library complains, but put in ou=Users, and things work.

Guess I'm going to have to go look up ldap strings then, that should explain everything else. I always heard that using ldap could be a nightmare, but now I know it. Funny thing is, another guide I had used to set up the plain Linux box way back didn't work for me this time.

Looks like some more studying is needed.
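
An added example (not part of the original thread, and not Smoothwall or Advanced Proxy code): a small Python check for the base DN issue described in the last post. It parses DNs and lists which accounts fall under a candidate base DN. The domain `school.example` and all account names are constructed, and it assumes the accounts sit in an organizational unit named Users.

```python
def normalize_rdn(rdn):
    """Lower-case one RDN; attribute types (cn, ou, dc) are case-insensitive."""
    attr, sep, value = rdn.partition("=")
    if not sep or not attr.strip() or not value:
        raise ValueError(f"malformed RDN: {rdn!r}")
    return f"{attr.strip().lower()}={value.lower()}"

def split_dn(dn):
    """Split a DN on unescaped commas (a backslash escapes the next character)."""
    rdns, cur, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur.append(dn[i:i + 2])      # keep the escaped pair, e.g. "\,"
            i += 2
            continue
        if dn[i] == ",":
            rdns.append("".join(cur))
            cur = []
        else:
            cur.append(dn[i])
        i += 1
    rdns.append("".join(cur))
    return [normalize_rdn(r) for r in rdns]

def is_under(entry_dn, base_dn):
    """True if entry_dn is the base itself or lies anywhere below it."""
    entry, base = split_dn(entry_dn), split_dn(base_dn)
    return len(entry) >= len(base) and entry[len(entry) - len(base):] == base

def coverage(base_dn, user_dns):
    """Accounts that a subtree search rooted at base_dn could return."""
    return [dn for dn in user_dns if is_under(dn, base_dn)]

# Constructed sample: DNs as they might be exported from the directory.
USERS = [
    "CN=Smith\\, Jane,OU=Users,DC=school,DC=example",
    "CN=Thabo Nkosi,OU=Users,DC=school,DC=example",
    "CN=proxybind,OU=Service Accounts,DC=school,DC=example",
]

if __name__ == "__main__":
    for base in ("cn=Users,dc=school,dc=example",
                 "ou=Users,dc=school,dc=example",
                 "dc=school,dc=example"):
        hits = coverage(base, USERS)
        print(f"{base}: {len(hits)} of {len(USERS)} accounts in scope")
```

A base DN that covers none of the accounts means no user can authenticate through the proxy, even when the bind account and password are correct.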
 