Squid transparent AD authentication

Publié le

This article describes how to make transparent squid authentication against active directory. Prerequisite: your linux box has joined the domaine, see article: Debian active directory authentication Just remember to check your DNS config in resolv.conf: domain unknown.local search unknown.local nameserver 10.10.22.30 nameserver 10.10.22.100 Make a reverse check with # dig -x <nameserver ip> Ensute time … Lire la suite Squid transparent AD authentication

iptables INVALID use case

Publié le

This article describes a use case of iptables INVALID state. LAN 192.168.0.0/24 is connected to the gateway 192.168.0.1 eth1. VPN server 192.168.0.100 offers VPN services on network 10.0.0.0/24, for example a client will have the address 10.0.0.237. VPN server has two interfaces 192.168.0.100 and 10.0.0.1, forwarding is enabled. All routes are maintained ONLY on the … Lire la suite iptables INVALID use case

Debian active directory authentication

Publié le

In this article AD domain is UNKNOWN.LOCAL (UNKNOWN). Domaine crontroller is carotte. Ensure the debian server date and the AD server do have the same date and time. If needed install ntpd or ntpdate. # ntpdate carotte Check your DNS configuration: domain unknown.local search unknown.local nameserver carotte Install packages: # aptitude install krb5-user libpam-krb5 libnss-winbind … Lire la suite Debian active directory authentication