[squid-users] Is it possible to apply squid delay pools on users/groups from AD ?
Amos Jeffries
squid3 at treenet.co.nz
Thu Nov 16 08:02:35 UTC 2017
On 16/11/17 01:43, Bike dernikov1 wrote:
> Hi,
> this is my second topic, i wouldn't wan to mix with first. I hope that is ok.
> i hope that someone succeeded to apply delay pools on users/groups from AD.
> We are now using delay pool on whole 10.0.0.0/8, but that is a
> problem as different users have different requirements. We have 30
> locations, and we can set different rules by ip, but than we would
> need one rule for one location, we would need to use static ip,
> network reconfiguration, but that solution would be nightmare for
> administration, and we would like to avoid static ip-s for users.
It depends on your Squid version.
The latest Squid with annotation support are capable of receiving
user/group names from the auth and external ACL helpers. These get
attached to the transaction and can be matched with the 'note' type ACL
in any later 'fast-category' access controls like delay_pools.
If your Squid is too old to use note ACL, or your helper(s) not
providing the relevant details to Squid (in Squid-3.4+ helper syntax).
Then no, sorry.
Amos
More information about the squid-users
mailing list