On mån, 2007-07-30 at 11:14 +0200, sflour@xxxxxxxxxxxx wrote: > auth_param digest program c:/squid/libexec/digest_ldap_auth.exe -A > "description" -b "DC=aude,DC=com" -D > "Cn=administrateur,OU=Users,DC=aude,DC=com" -w "toto" -F > sAMAccountName=%s -h 192.1.1.1 > realm AUDE > and by exemple a user "squid" and his password "12345" > In the description field of the user squid in the AD write AUDE:12345 Would work I think. But you should just enter the password without the realm in the attribute. The realm is only used when working with hashed/encrypted passwords. If you want to enter the hashed/encrypted password then the Digest hash can be computed with Apache htdigest or other Digest password file maintenance tool, or even plain md5.. The Digest hash is simply MD5(username:realm:password) On Linux: htdigest -c /dev/tty realm AUDE Adding password for AUDE in realm realm. New password: [12345] Re-type new password: [12345] AUDE:realm:b28e76e5f5423220334007f7d20c57c0 or if you prefer echo -n AUDE:realm:12345 | md5sum b28e76e5f5423220334007f7d20c57c0 - Then add the value "realm:b28e76e5f5423220334007f7d20c57c0" to the LDAP attribute you told digest_ldap_auth to look for, and use the -e option to digest_ldap_auth to tell it to look for hashed passwords. This is a little more secure as the actual password is not stored, only a realm and user unique one-way hash of it.. Regards Henrik