Step by step:
http://kb.papercutsoftware.com/Main/ConfiguringSquidProxyToAuthenticateWithActiveDirectory
D.Radel.
----- Original Message -----
From: "Nolan Rumble" <nmr@xxxxxxxxx>
To: <squid-users@xxxxxxxxxxxxxxx>
Sent: Wednesday, January 04, 2006 10:01 PM
Subject: Squid and LDAP authentication
Hi,
I'm trying to get LDAP authentication working on my squid proxy. Now
ideally I would like to only allow users in a certain group (namely,
cn=squid,ou=Group,dc=ph,dc=sun,dc=ac,dc=za which is a groupOfUniqueNames
(does this work or must I use an objectClass=posixGroup?) to
authenticate and use the proxy. How would I go about doing this? I've
added the following lines to my squid.conf file:
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hour
auth_param basic casesensitive off
auth_param basic program /usr/lib/squid/squid_ldap_auth -b
"ou=People,dc=ph,dc=sun,dc=ac,dc=za" -f "cn=squid" -s sub
fsk.ph.sun.ac.za
external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group -ZZ
-b "ou=Group,dc=ph,dc=sun,dc=ac,dc=za" -f
"(&(objectclass=groupOfUniqueNames)(cn=%a)(uniqueMember=%v))" -B
"ou=People,dc=ph,dc=sun,dc=ac,dc=za" -F uid="%s" fsk.ph.sun.ac.za
acl password proxy_auth REQUIRED
acl password_group external ldap_group squid
http_access allow password_group
Any help would be appreciated!
Thanks
Nolan
