Hai I have read this two tutorial: http://www.visolve.com/squid/Squid_tutorial.php#Authentication_ and http://kb.papercutsoftware.com/Main/ConfiguringSquidProxyToAuthenticateWithActiveDirectory I can test the connection between squid and the ldapsearch #> /usr/lib/squid/squid_ldap_auth -b "ou=paume,o=itb,c=id" -D "cn=admin,ou=paume,o=itb,c=id" -w "rahaSIA" -h localhost -f uid=%s admin admin OK After the testing were successfull, I added this to squid.conf auth_param basic program /usr/lib/squid/ldap_auth -b "ou=paume,o=itb,c=id" -D "cn=admin,ou=paume,o=itb,c=id" -w "rahaSIA" -f "(uid=%s)" -h localhost acl auroraborealis proxy_auth REQUIRED http_access allow auroraborealis Bravo! I can authenticate squid with data from LDAP server. Then I am trying to add the external_acl_type /usr/lib/squid/squid_ldap_group. But before doing this, can I have a test first, just like what I do with /usr/lib/squid/ldap_auth? Because I am still confuse how to write the -f option (&(objectClass=bla...bla..bla)(....)) Thank you. Students of Bandung Institute of Technology Indonesia -- Zaki Akhmad
