Re: [squid-users] acl's Based on Active Directory Group Membership

From: Tim Donahue <[email protected]>
Date: Fri, 27 Aug 2004 17:05:15 -0400

On Fri, 2004-08-27 at 16:49, Tim Neto wrote:
> Hello Tim,
>
> You need a definition like this -----| before these definitions in
> your file:
>
> >auth_param basic children 5
> >auth_param basic realm Squid proxy-caching web server
> >auth_param basic credentialsttl 2 hours
> >
> >
> I use LDAP authentication, so I have a set of lines like:
>
> #
> ---------------------------------------------------------------------------------------------------------------------------------------
> auth_param basic program
> <path-to-program>/squid_ldap_auth.exe -h <ldap-server-dns-name> -p
> <ldap-port> -P -b <base-OU> -f "uid=%s"
>
> auth_param basic children 20
> auth_param basic realm Squid proxy-caching web server
> auth_param basic credentialsttl 5 minute
> #
> ---------------------------------------------------------------------------------------------------------------------------------------
>
> Replace the <value> in my configuration fragment with real values for
> your system.
>
> Note, I am running instances of Squid 2.5Build5 on both a Linux (RH9)
> and Windows 2000 sp4. LDAP server is a SunONE Directory server 5.2.
>
> Hope this helps some.
>
> Tim

Tim, thanks for the pointer. I had tried adding win32_check_group.exe
as a helper for basic authentication, and I wasn't having any luck, so I
thought I was doing something wrong. Once I tried using NTLM
authentication, it seems to work like a charm.

Tim Donahue
Received on Fri Aug 27 2004 - 15:05:17 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Sep 01 2004 - 12:00:03 MDT