[squid-users] ext_ldap_group_acl - allowing websites based on ad group membership
mathew abraham
ichayan at hotmail.com
Tue Feb 9 14:24:05 UTC 2016
Could some point me to the right direction?
I want to use ext_ldap_group_acl to allow certain users who are members of the ad group for example
YouTube - Allowed, Twitter - Allowed
Yes with the blank space and dash in the group name. For that reason I have create files /adgroups/youtube.txt and /adgroups/youtube.txt
The content of the file is "YouTube - Allowed" and the other file "Twitter - Allowed"
Within quotes.
What am I doing wrong, the websites are blocked even if a user is in the allowed group. Please help.
Extract from squid.conf below
external_acl_type ldapgroup ttl=3600 negative_ttl=3600 %LOGIN /lib/squid/ext_ldap_group_acl -R -b "dc=mydomain,dc=com" -f "(&(samaccountname=%v)
(memberof=cn=%a,dc=mydomain,dc=com))" -D squid at mydomain.com -w MyPassword -h mydomain.com
acl allowtwitter external ldapgroup /adgroups/twitter.txtacl allowyoutube external ldapgroup /adgroups/youtube.txt
acl twitter dstdomain twitter.comacl youtube dstdomain www.youtube.com
http_access deny !allowtwitter twitterhttp_access deny !allowyoutube youtube
http_access allow allowtwitterhttp_access allow allowyoutube
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160209/ddb5d4a1/attachment.html>
More information about the squid-users
mailing list