Hi, my question is the following: Is it possible to tell squid that a external_acl must be checked again? We have the situation where users are switched on/off for internet access over a group membership in the MS-ActiveDirectory. Their credentials are valid all the time, so setting the credentialsttl has no effect. My workaround at the moment is to reconfigure squid every 2 minutes. But even in my opinion this is quite dirty. Is there any other solution? Thanks a lot, Dirk P.S. Here is an extract of my squid.conf: auth_param basic program /usr/lib/squid/open2 (which will look in 2 ADs for valid users) auth_param basic realm Internet-Sicherheitsabfrage acl password proxy_auth REQUIRED external_acl_type LCgroup %LOGIN /usr/lib/squid/squid_ldap_group -b ou=Gruppen,dc=lc-hab,dc=local -D cn=lcsys-28,ou=more,dc=lc-hab,dc=local -w xxx -B ou=Teilnehmer,dc=lc-hab,dc=local -F "sAMAccountname=%s" -f "(&(cn=%a)(member=%u))" -h 192.168.105.10 acl LCweb external LCgroup GT_Internetzugang http_access allow LCweb
