How to grant squid/web proxy access? (Was: Merge LWAT and DHCP machine objects in LDAP?)

To: debian-edu@lists.debian.org
Subject: How to grant squid/web proxy access? (Was: Merge LWAT and DHCP machine objects in LDAP?)
From: Petter Reinholdtsen <pere@hungry.com>
Date: Wed, 6 Aug 2008 11:12:24 +0200
Message-id: <20080806091224.GB9726@klodrik.uio.no>
In-reply-to: <48995168.8020400@bzz.no>
References: <2flhc9zjp63.fsf@klodrik.uio.no> <48995168.8020400@bzz.no>

[Finn-Arne Johansen]
> In a short distance I can see 2 or 3 more:
[...]
>  Squid access information (Or maybe that should be provided based on
>  netgroup)

My proposal was to use subnet information in LDAP to grant squid
access.  Do you believe it is a better idea to grant it per host
instead?  Granting it to all hosts or users in a netgroup will be
easier, as we do not need to add subnet information in LDAP.

If we grant access per subnet, clients on those subnets will work out
of the box without any updates to LDAP.  If we grant it using
netgroups, the host need to be added to LDAP before it can get on the
net.  This will make it required to add new hosts to netgroups before
we can PXE install them, if the use of a proxy is required.

Anyone got a view on this?

Happy hacking,
-- 
Petter Reinholdtsen

Reply to:

Follow-Ups:
- Re: How to grant squid/web proxy access? (Was: Merge LWAT and DHCP machine objects in LDAP?)
  - From: Finn-Arne Johansen <faj@bzz.no>

References:
- Merge LWAT and DHCP machine objects in LDAP?
  - From: Petter Reinholdtsen <pere@hungry.com>
- Re: Merge LWAT and DHCP machine objects in LDAP?
  - From: Finn-Arne Johansen <faj@bzz.no>

Prev by Date: Re: Merge LWAT and DHCP machine objects in LDAP?
Next by Date: Re: How to grant squid/web proxy access? (Was: Merge LWAT and DHCP machine objects in LDAP?)
Previous by thread: Re: Merge LWAT and DHCP machine objects in LDAP?
Next by thread: Re: How to grant squid/web proxy access? (Was: Merge LWAT and DHCP machine objects in LDAP?)
Index(es):
- Date
- Thread