hi. i've successfully got squid authenticating against our ad domain, and the restrictions on the squid server itself are by nt group membership. i'm noticing that there is a heck of a lot of activity by the authenticating perl program when i run 'top'. i've included the relevant lines from my squid.conf- is there something i ought to change here to enable better performance? presently it runs slower than our isa server and is on similar spec hardware. i wondered if there was some way of increasing the time it remembers a users details without re-querying the server? thanks john #nt auth auth_param ntlm program /usr/samba/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 15 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 60 minutes auth_param basic program /usr/samba/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm SuperSquid auth_param basic credentialsttl 2 hours external_acl_type nt_group ttl=0 concurrency=20 %LOGIN /usr/squid/libexec/wbinfo_group.pl _______________________________________________ Join Excite! - http://www.excite.com The most personalized portal on the Web!