Srinivasa Chary wrote: > I am getting problem when doing group filtering using from windows 2003 > server. I am using squid-2.5.STABLE3 and samba-3.0.0 > i am able to authenticate all the users perfectly with out group > varification, when i want to do group filtering it is not applying . Can you be a little more specific on what happens when it doesn't work? > Squid.conf: > external_acl_type NT_global_group %LOGIN /etc/squid/wbinfo_group.pl > acl AllowedNTUsers external NT_global_group "/etc/squid/allowedntgroups" > acl LoggedInUsers proxy_auth REQUIRED > http_access allow AllowedNTUsers > http_access allow LoggedInUsers > http_access deny !AllowedNTUsers > http_access deny !LoggedInUsers So you allow access to anyone in an allowed group, then allow access to anyone who authenticates successfully. If this is what you want, then these settings are fine (though the explicit "deny" lines are unneeded). > http_access allow manager localhost > http_access deny manager > http_access deny !Safe_ports > http_access deny CONNECT !SSL_ports > http_access deny all With the exception of the "deny all" rule, these rules should come before your own http_access rules (the "deny all" line should come after). > smb.conf Since your authentication works, your Samba settings are fine. > wbinfo_group.pl Unless you changed the script (other than specifying the full path to wbinfo), there's no need to post it. Adam
