+ Post New Thread
Results 1 to 2 of 2
*nix Thread, Latest version of squid in Technical; Good morning all We have an old version of squid installed on one of our servers and we are looking ...
  1. #1
    ranj's Avatar
    Join Date
    Feb 2006
    Thank Post
    Thanked 42 Times in 32 Posts
    Rep Power

    Latest version of squid

    Good morning all

    We have an old version of squid installed on one of our servers and we are looking to replace this with a new filtering system (hopefully the latest version of squid) but just had a few questions to establish whether the new version of squid will be able to accomadate our requirements.

    As we have 2 separate networks for apple and windows we have a slight issue with the apple clients connecting to the internet. At the moment With old squid we have issues with the Apple Macs authenticating with Squid, it was very slow and would prompt the user every time they would go to any site to enter their username and password. This was when we trialled out having the Apple Macs on the AD network. We had some big issues and decided that we put the Macs on their own network, directly connected to the apple server and all user authentication is done on there. How would you go about linking the user's apple Mac network creditionals with squid? this will be separate to the windows logon. At the moment with the Macs we have to bypass the proxy and go to a proxy which is given to us by our local LEA which is an issue because it means any local site blocking we do internally is not blocked on the Macs as it bypass the squid filter.

    Is there a way where squid can know that there is a windows network and apple network and authenticate two different directory accounts?

    Will the latest version of squid be able to differenciate between different AD groups. One issue that we have with internet is that if we block a website it blocks it for all domain users and there are certain websites that we want to block for students but not for staff. Is there a way this can be separated?

    Any advice or alternatives people can advise would be most appreciated...

  2. #2
    ahuxham's Avatar
    Join Date
    Apr 2008
    Thank Post
    Thanked 138 Times in 109 Posts
    Rep Power
    Unless your macs are kerberized into your Windows domain, you'll more than likely be prompted for credentials, added the fact depending on MAC OS, ntlm_auth is known to be broken within the operating system, so even single signon setups fail to work, you'll be prompted for credentials all the time.

    Same with Sarafi for Windows, won't bypass single signon, as at present NTLM is broken.

    If you don't want to authenticate MAC pc's you could always great a passthrough ACL for that network and allow full access.

    Make sure you backup your squid.conf file, as a newer version will more than likely overwrite, and some features may not be available, its always handy when restarting the new squid to start it rebuilding any cache you have available.

    Dansguardian for filtering as well, its a learning curve, but it does what it does, smoothwall have incorporated it into their commercial product.

    Client > Dansguardian > Squid > Internet (Squid on local, so even with macs on passthrough, they still get filtered)

+ Post New Thread

Similar Threads

  1. Latest Version and Changelog
    By bizzel in forum EduSweep
    Replies: 0
    Last Post: 20th March 2008, 11:20 AM
  2. Our latest offering
    By Elky in forum Our Advertisers
    Replies: 0
    Last Post: 23rd April 2007, 01:35 PM
  3. Sophos to force users to the latest version
    By john in forum Educational Software
    Replies: 25
    Last Post: 26th November 2006, 12:12 PM
  4. more EduGeek Latest
    By mark in forum Comments and Suggestions
    Replies: 11
    Last Post: 21st June 2005, 09:31 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts