[squid-users] Squid with AD - missing libraries
Veronica Ovando
vero.ovando at live.com
Fri Sep 25 14:22:35 UTC 2015
Thank you so much for your answer, Amos. It was really usefull.!
In addition, I would like to create groups in AD and access policies to
those groups. For example, the group "Blocked" will not access to
internet, "Restricted" will be able to browse some domains, etc. For
that taks, I use the ext_ldap_group_acl in this way:
auth_param ntlm program /usr/bin/ntlm_auth --diagnostics
--helper-protocol=squid-2.5-ntlmssp --domain=DOMAIN
auth_param ntlm children 10
auth_param ntlm keep_alive on
#
auth_param basic program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-basic
auth_param basic children 50
auth_param basic realm Squid
auth_param basic credentialsttl 2 hours
#
external_acl_type AD_Grupos ttl=10 children=10 %LOGIN
/usr/lib/squid3/ext_ldap_group_acl -b "dc=domain,dc=com" -d -D
squid at domain.com -W etc/squid3/ldappass.txt -f
"(&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%g,ou=SquidGroups,dc=domain,dc=com))"
-h dc at domain.com
Is this correct? I am newbie with this kind of features.
More information about the squid-users
mailing list