Hey I have a transparent proxy setup using squid, winbind, samba, etc... I got sick of manually blocking IP addresses from accessing the internet and stumbled across an article (thank god for google!) that allows access based on AD Group. It pretty much looks like... external_acl_type ntgroup %LOGIN /usr/lib/squid/wbinfo_group.pl acl NoInternet external ntgroup NoInternet Then there is the http_access deny line that denies the NoInternet group. This seems to work fine, if a user belongs to the NoInternet group they are prompted for Username/Password and even if they put in the correct credentials they aren't allowed to go anywhere. My question is, instead of prompting for username/password if a user belongs to the group, how do I just redirect them to a page? No other time is my users prompted for authentication as it uses the NT "pass through" credentials, so not sure why it wants to prompt now. Hoping someone out there is doing something similar? Thanks!
