[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Linux firewall auth to Windows 2000 Server via LDAP

To: openldap-general@OpenLDAP.org
Subject: Re: Linux firewall auth to Windows 2000 Server via LDAP
From: Michael Ströder <michael@stroeder.com>
Date: Tue, 17 Oct 2000 18:08:10 +0200
Organization: stroeder.com
References: <20001017151335.4E29911615@reserved1.ghs.kzn.school.za>

"Warwick Chapman (Budgee)" wrote:
> 
> Specifically information about an authenticated firewall using LDAP
> and providing ip accounting.

Depends on what you understand with "firewall". There is more than
one firewall component.

If you think of an authenticated web proxy you might wanna use Squid
with an external authenticator using LDAP. There are several C
programs and scripts floating around for proxy_auth. For Squid
accounting you can use one of the Squid log file analyzers (e.g.
webalizer 2.x) which show per-user stats. But this has nothing to do
with LDAP.

AFAIK the ftp-proxy of S.u.S.E. also has the ability to authenticate
users against LDAP. But not sure on which *nix it runs besides Linux
and how mature it is.

LDAP support for Checkpoint FW-1 sucks I was told because you can't
configure anything else than search root and it doesn't chase
referrals => it's difficult to handle users with different
privileges. Maybe they improved it in newer versions. I don't know.

Some MTAs are also doing SMTP auth against LDAP.

etc.

Hope this helped a bit to give you an idea of the various aspects.

Ciao, Michael.

References:
- Linux firewall auth to Windows 2000 Server via LDAP
  - From: "Warwick Chapman (Budgee)" <Budgee@ghs.kzn.school.za>

Prev by Date: Re: Lag in LDAP updates
Next by Date: Re: Lag in LDAP updates
Index(es):
- Chronological
- Thread