[squid-users] ntml auth

[Alex Gutiérrez Martínez]

#Hello community, I am trying to connect my squid to my AD using ntml (i 
can't use Kerberos). The problem is that I have not found a way to make 
the groups I have in the AD look in the squid.

#this is my current config using ldap using basic auth

auth_param basic program / usr / lib / squid / basic_ldap_auth -P -R -b 
"dc = mi, dc = company, dc = cu" -D cn = proxy, ou = ST, dc = mi, dc = 
company, dc = cu -W /etc/squid/ldap.txt -f sAMAccountName =% s -v 3 -s 
sub -h 192.168.1.10
external_acl_type Group% LOGIN / usr / lib / squid / ext_ldap_group_acl 
-R -b "dc = mi, dc = company, dc = cu" -D cn = proxy, ou = ST, dc = mi, 
dc = company, dc = cu -W /etc/squid/ldap.txt -f "(& (objectclass = user) 
(sAMAccountName =% u) (memberof = cn =% g, dc = mi, dc = company, dc = 
cu))" -h 192.168.1.10
auth_param basic children 10
auth_param basic realm apolo.mi.empresa.cu
auth_param basic credentialsttl 2 hour
acl basic_ldap_auth proxy_auth REQUIRED
http_access deny! basic_ldap_auth

#from here i get 2 group
#
#i1 and i2
###########################
acl i1 external Group Internet1
acl i2 external Group Internet2

#################################################################################################### 
#####

#my configuration for ntml is

auth_param ntlm program / usr / bin / ntlm_auth --diagnostics 
--helper-protocol = squid-2.5-ntlmssp --domain = my.company.cu
auth_param ntlm children 10
auth_param ntlm keep_alive off
auth_param ntlm credentialsttl 2 hour


#What I want is to know how to use the groups that are in my active 
directory, specifically Internet1 and Internet2.

#Every time I run "squid -k parse" it shows me an error in the line 
where I define the external groups.

#I am running version 3.5.27

-- 
Saludos Cordiales

Lic. Alex Gutiérrez Martínez

Tel. +53 7 2710327

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20180807/f2bc0c80/attachment-0001.html>