Hi, I am using Squid 2.STABLE13 and DansGuardian for caching and filtering. I have Squid in front for authentication, then DG, then another Squid for caching. It's all been working great with NTLM auth using winbind and smb. I have an acl that looks like this: acl denied_users proxy_auth_regex -i '/etc/squid2/denied_users' where the denied_users file has a list of users who are not allowed access in the form of: john.smith Now for the first time I have a problem in the way this works. For instance, I have a user account of smith. It's a generic account that is used to ensure that certain applications run on Windows 2000/XP. I simply want to prevent Web access as it's anonymous to some extent. So I add the name "smith" to my denied_users file. Now not only is "smith" denied access, but also "john.smith". I have tried removing the regex piece (acl denied_users proxy_auth '/etc/squid2/denied_users' and that doesn't seem to block anyone. I have also tried (with and without regex piece) making the names in denied_users in the form of domain\john.smith, but that also doesn't block anyone. Does anyone have a suggestion of how to make this work again? Maybe some other regex syntax can be added to the denied_users listing? I like not having to enter the domain\ part, but it's no big deal if that's needed. I simply need to have the acl look at the entire username, not just one part of it. Ie. blocking smith should not block john.smith. Thanks for any suggestions. Geoff
