Hi, Thanks for the help i am sure that will come in handy later. I have joined the linux box to the w2k domain. When i want to test the squid with ntlm_auth by doing the following: ntlm_auth --helper-protocol=squid-2.5-basic --domain=mydomain --username=username --password=password nothing happens but when i test it like the following: ntlm_auth --domain=mydomain --username=username --password=password I get OK. How can i get an OK with the helper? Thanks Regards On Tue, 1 Mar 2005 01:10:56 -0800 "Allen Armstrong" <allen_armstrong@xxxxxxxxx> wrote: > Hi, > > It can be done. I just finished doing it here is part of > my conf that might > help. This is after you get the winbind. I am using > NTLM for single signon > purposes. > > I first got Windows Authentication to work and then > worked on groups. E.g.: > > auth_param ntlm program /usr/bin/ntlm_auth > --helper-protocol=squid-2.5-ntlmssp > auth_param ntlm children 30 > auth_param ntlm max_challenge_reuses 0 > auth_param ntlm max_challenge_lifetime 2 minutes > > external_acl_type nt_group ttl=0 concurrency=5 %LOGIN > /usr/lib/squid/wbinfo_group.pl > > acl staff external nt_group internet-staff > acl students external nt_group internet-students > acl noaccess external nt_group Students > acl kss dstdomain "/etc/squid/allowedurls" > > http_access allow 199network kss noaccess > http_access allow 199network staff > http_access allow 142network staff > http_access deny notallowedurls students > http_access allow 199network students > http_access allow 142network students > > > I hope that helps you. I am running 2.5 stable 3 of > squid running under > redhat. > > > Ttyl, > > > Allen Armstrong > > > > > -----Original Message----- > > From: it clown [mailto:squid@xxxxxxxxxxxxx] > > Sent: February 27, 2005 4:19 AM > > To: squid-users@xxxxxxxxxxxxxxx > > Subject: [squid-users] acl with groups + w2k domain > > > > Hi All, > > > > I am using ISA server and i am wanting to replace it > with > > squid. I am running squid on a linux box. Now what i > want > > to do is have w2k users to use the squid proxy. I want > to > > add a few users in a group to have internet access and > add > > other users in another group to have access only to a > few > > sites. > > > > To do this i need to make the linux box part of the w2k > > domain via winbind (I know how to do that)? How do i > allow > > some users to have full access to internet and to allow > > others to only have access to some sites in squid? What > > auth do i need to set squid to to auth the users with > the > > w2k domain controller? > > > > I do not want an auth box to pop up. > > > > Thanks > > Regards > > > ______________________________________________________________ > > http://www.webmail.co.za the South African FREE email > service > ______________________________________________________________ http://www.webmail.co.za the South African FREE email service
