The IT Crownd

Well keeping up with the times (sort of) I thought I'd blitz my CentOS 6 vm and build a new one.  Also this gives me an opportunity to test out my last post and re-install everything AGAIN. Fun. Well it started out fun. :) It seems things have changed ALOT since CentOS 6 New firewall for starters.  Gone is "service start smb".  Gone is chkconfig! What! Oh well new day new tricks.  It looks like chckconfig and service are now combined into one command systemctl - ok this makes good sense.  I like it. For example to enable Apache to persist between boots systemctl enable httpd and to stop Apache systemctl stop httpd simple. I like the new firewall too. fairewall-cmd to control it.  Nice.  To me at least this is much more intuitive to use with the zones and such than using iptables directly. Learning learning learning!!!

I've been looking into providing a good proxy server to replace the old stalwart Threat Management Gateway which is now out of support and development from Microsoft. Having recently passed my Redhat exam I thought I would look for something a bit LINUX based to run the proxy.  This led me to find SQUID. http://www. squid -cache.org There is plenty of documentation around how to set up the proxy.   Typically with LINUX, the documentation is written assuming that the reader knows what is going on  and is not a beginner. I got the basic proxy up and running pretty quickly.  I even had WPAD working correctly!   The defaults all worked! However the sticking point was how to get Squid to use an Active Directory group to determine who has  access to the Internet. Here's how I implemented the whole thing.  From start to finish.  As much as I can remember.   Obviously I'll omit the days of effort pursuing failures and just present the successes so it looks like