Search squid archive

I want NO login dialog when a user is unauthenticated (if its possible..)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello!

I run a squid/2.5.STABLE10 in a 1000 user enviroment on a SUSE SLES9 server with Samba 3.0.9 configured for MS AD.

Everything works just fine with the group authenication against MS AD. But my problem is that when users without Internet Access Try to access the internet the login dialog appears, and its like a closed door to a cat - they are trying other peoples accounts, and lock them out.

So my question is.. Are there any way to disable the login dialog for users with no internet access??
Here is my squid.conf:


http_port 10.52.5.201:8080
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
log_fqdn on
client_netmask 255.255.255.255
dns_nameservers 10.52.17.201 10.52.17.202

auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --require-membership-of=S-1-5-21-1187005629-1892371507-1230779191-4288
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes

auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic --require-membership-of=S-1-5-21-1187005629-1892371507-1230779191-4288
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

#*********************************************************************
acl InternetAccess proxy_auth REQUIRED
#*********************************************************************
acl special_url url_regex -i "/usr/local/squid/etc/open_sites.txt"
#*********************************************************************
http_access allow special_url
http_access allow InternetAccess
#*********************************************************************

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object HTTP
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80
acl Safe_ports port 2001
acl Safe_ports port 3001
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux