On tor, 2008-08-21 at 07:24 -0700, nairb rotsak wrote: > Just to clarify, to use wbinfo_group.pl, I need to: > 1. Add Domain Local group to Active Directory called Internet-Allowed (name not important) Yes, unless you already have a suidable group. > 2. Add 'external_acl_type ADS %LOGIN /usr/lib/squid/wbinfo_group.pl' to squid.conf Yes. > 3. Add 'aclInternet-Allowed external ADS Internet-Allowed' to squid.conf Yes. > 4. Add 'http_access allow Internet-Allowed all' The use of all is redundant above, but does not make much harm.. the Internet-Allowed acl alone is sufficient. > Second > question.. does this mean anyone not in this group will not have > Internet.. or do I have to do a deny acl/http_access combo? Depends on your following http_access rules. Any user not member of the group won't match this http_access line. Regards Henrik
Attachment:
signature.asc
Description: This is a digitally signed message part
