On Thu, 2006-02-16 at 15:14 -0500, Meyerovich Aleksandr EB_NY wrote: > At last I got squid_ldap_auth with squid_ldap_group to authenticate and > authorize against the MSAD. > Thanks a lot for tips. > > What I ultimately would like to have is a situation when it only takes > to match the group membership to get access to the Internet, and NO > authentication is required. The userId accessing the Internet should be > still recorded in the access.log > > Any suggestions on this? You can do this if you use one of Microsoft's proprietary authentication protocols, NTLM and AUTHENTICATE/GSSAPI/KERBEROS. Both will supported in squid-3, only the former is available in squid-2. See http://squidwiki.kinkie.it/SquidFaq/ProxyAuthentication http://squidwiki.kinkie.it/NTLMIssues http://squidwiki.kinkie.it/NegotiateAuthentication -- Kinkie <kinkie-squid@xxxxxxxxx>
