Re: [squid-users] squid proxy for W2K active directoty users

From: Jack <[email protected]>
Date: Thu, 6 Feb 2003 15:24:53 +0530

Hello Henrik,

Thanks, Its working fine now.

Can i use squid_ldap_group for group authentication.

I set filter as cn=%a

but i am not sure that my configuration is correct.

My squid.conf related to authentication
auth_param basic program /usr/local/squid25S1/libexec/squid_ldap_auth -u
cn -b cn=Users,dc=test,dc=local -h 172.16.1.251
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

external_acl_type ldapou %LOGIN
/usr/local/squid25S1/libexec/squid_ldap_group -b
"cn=Users,dc=test,dc=local" -f "(cn=%a)" -h 172.16.1.251
acl ou_testing external ldapou sqldap

acl url1 dstdomain .yahoo.com
http_access allow ou_testing url1
http_access deny all

when i browse www.yahoo.com i am getting access denied page.

Thanks and Regards,
Jack

> In the documentation to the LDAP helpers, shipped with Squid..
>
> Regards
> Henrik
>
>
> ons 2003-02-05 klockan 10.46 skrev Jack:
> > Hello Henrik,
> >
> > Thanks, I like to use LDAP but i did not get the schema to support it.
> >
> > Can you suggest a link where i can find more information on LDAP-W2K
active
> > directory
> >
> > Regards,
> > Jack
> >
> > > Jack wrote:
> > >
> > > > Is it possible to use W2K native mode active directory for
> > authenticating
> > > > proxy users.
> > >
> > > Yes.
> > >
> > > You can use either LDAP (always works) or winbind (requires that
support
> > > for NTLM is enabled in your AD, is by default)
> > >
> > > Regards
> > > Henrik
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Everything you'll ever need on one web page
> > from News and Sport to Email and Music Charts
> > http://uk.my.yahoo.com
> --
> Henrik Nordstrom <hno@squid-cache.org>
> MARA Systems AB, Sweden

__________________________________________________
Do You Yahoo!?
Everything you'll ever need on one web page
from News and Sport to Email and Music Charts
http://uk.my.yahoo.com
Received on Thu Feb 06 2003 - 02:37:34 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:15 MST