LDAP Authentication

Note: The web proxy must be running in non-transparent (i.e., conventional) mode for authentication.

Authentication Method - LDAP

Global authentication settings

Number of authentication processes

Specifies the number of authentication processes which can be started. If more authentication processes are needed, so there may be delays during authentication. To correct this behavior increase this value (the default value is 5).

Authentication cache TTL (in minutes)

Specifies the "time-to-live" value of the cached user data in minutes. This value is measured from the last request (default 60 min.) .

Limit of IP addresses per user

Here you can set how many simultaneous logins per user are permitted (default is empty <-> means any number).
See: max_user_ip

User/IP cache TTL (in minutes):

If you use proxy authentication and the 'max_user_ip' ACL, this directive controls how long Squid remembers the IP addresses associated with each user. Use a small value (e.g., 60 seconds) if your users might change addresses quickly, as is the case with dialup. You might be safe using a larger value (e.g., 2 hours) in a corporate LAN environment with relatively static address assignments. See: authenticate_ip_ttl

Require authentication for unrestricted source addresses

Unrestricted IP addresses are also subject to local authentication. If this option is disabled, an authentication does not apply to unrestricted IPs.

Authentication realm prompt

Here, an individual created text can be edited which will be displayed during the authentication process.

Domains without authentication (one per line)

Defines domains which work also without authentication.

Common LDAP settings

Base DN

This is the starting point for a LDAP server when searching for user authentication.

LDAP Server

The IP address of the LDAP server.

LDAP type:

Pick the required type.

Port

Pick the require port. The default port is 389.