thanks for the reply Angel. I have read on the forums that these twohelpers can be used together!? On 7/24/07, Angel Mieres <amieres@xxxxxxxxxxxxxxxxxx> wrote:> Hi nick,>> I don't have much experience on squid + Windows plataform but i> recommend you to take the following way, you must try to separate> authenticators and group clasificators by topic, i think you must use> ntlm_auth with wbinfo_group or squid_ldap_auth with squid_ldap_group> trying not mixing both. I hope this help you.>>> nick w escribió:> > Hi,> >> > I have had a look through the threads and see that there are a few> > threads on this particular issue but dealing with Unix based squid> > servers and not Windows platforms. I am having a little trouble> > getting the squid_ldap_group helper working with NTLM_Auth and running> > on a W2K3 server. With the config below when you try to browse the net> > the browser just hangs trying to contact the website, no access denied> > message appears and I am assuming that the browser has not had a> > response back from squid. I have checked the cache.log file and I see> > entries in there saying that the request matched a denied acl rule and> > access is denied. If you are not in the AD group for denying inet> > access you get the same browser hang. Not sure what to do from here.> >> > auth_param ntlm program c:/proxy/libexec/win32_ntlm_auth.exe> > auth_param ntlm children 40> > auth_param ntlm max_challenge_reuses 0> > auth_param ntlm max_challenge_lifetime 2 minutes> > auth_param ntlm use_ntlm_negotiate on> >> > auth_param basic children 5> > auth_param basic realm Squid proxy-caching web server> > auth_param basic credentialsttl 2 hours> > auth_param basic casesensitive off> >> > external_acl_type ldap_group %LOGIN> > C:\Proxy\libexec\squid_ldap_group.exe -b OU=xxx,DC=xxx,DC=xxx -f> > OU=xxx,DC=xxx,DC=xxx -F OU=xxx,DC=xxx,DC=xxx -h LDAP_server_name -p> > 389 -S> >> >> >> > acl inet_deny external ldap_group> > CN=No-Internet-Access,OU=xxx,DC=xxx,DC=xxx> >> >> >> > http_access deny inet_deny> >> >> >> > Any help would be greatly appreciated.> >> > __________ Informaci�n de NOD32, revisi�n 2413 (20070723) __________> >> > Este mensaje ha sido analizado con NOD32 antivirus system> > http://www.nod32.com> >> >> >>>
