Phibee Network Operation Center wrote:
Hi
i have updated my squid 2.X to 3.X. i use ntlm auth
with this config:
auth_param ntlm program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 15
auth_param ntlm keep_alive on
auth_param basic program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-basic
auth_param basic children 15
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
external_acl_type AD_Group children=50 concurrency=50 %LOGIN
/usr/lib/squid/wbinfo_group.pl
acl AllowedADUsers external AD_Group "/etc/squid-ntlm/allowedntgroups"
acl Winbind proxy_auth REQUIRED
http_access allow AllowedADUsers
http_access deny !AllowedADUsers
http_access deny !Winbind
http_access deny all
This configuration work on 2.X and when a user are not into the good
AD group, he can't connect.
On 3.X, he connect all time ....
anyone have a idea of the problems ?
What release of 3.x? If we know we can check for changes.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE5 or 3.0.STABLE10
Current Beta Squid 3.1.0.2