I use squid 2.5 stable13 and samba-3.0.14a-2 with fedora core 4.
I have some groups with space in my Active Directory.
When i put "" to delimited the group name, squid don't accept.
here my acl with the rule :
acl group_dao external InetGroup "Utilisateurs DAO"
http_access deny group_dao
here the message when i start squid :
Arrêt de squid :2006/04/12 13:56:16| strtokFile: Utilisateurs not found
I have test this patch :
synopsis A internal error in the strwordtok() function causes problems for
external_acl if the last helper argument is quoted by Squid. For example if
using a group helper and having groups with spaces in them.
date 2002-11-09 09:59
versions 2.5.STABLE1
platforms All
patch squid-2.5.STABLE1-strwordtok.patch
here my complete configuration of squid.conf :
auth_param ntlm program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 10
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 5 minutes
auth_param ntlm use_ntlm_negotiate off
auth_param basic program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm proxy-raspoutine
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
external_acl_type InetGroup %LOGIN /usr/lib/squid/wbinfo_group.pl
acl group_test external InetGroup grouptest
acl group_dao external InetGroup "Utilisateurs DAO"
http_access deny group_test
http_access deny group_dao
other question :
how don't propose new authentification when internet access was deny ?
without remove auth_param basic
sorry for my english i'm french
thanks
