Hi, we are using the windows version of squid (squid-2.6.STABLE5-NT-bin)and we want to control the access to the internet over the Users who are members in Active Directory (Windows 2000 Domain Controller) This works with the squid_ldap_auth.exe module of squid. In the Howto of squid is given one example how to identificate the users of Windows ADS. Example: auth_param basic program c:/squid/sbin/squid_ldap_auth -P -R -b " DC=ads,DC=local" -D "CN=Squid,CN=Users,DC=ads,DC,local" -w secret -f" (&(objectClass=Person)(userPrincipalName=%s))" 192.168.1.1:3268 auth_param basic children 6 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours My question is, do I have to add each user of ADS to squid.conf? How do I for example deny or allow access to internet of special users of ADS? The credentialsttl of 2 hours means the user has to reindentificate after 2 hours? Thanks for answers. Regards Roland
