Search squid archive

Re: NTLM Password Cache on Squid ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





Jakob Curdes escreveu:

   - When we change a password on the Active Directory,
   squid don't see the change before a lot of hours ...
That is an AD "feature". If you use AD groups, you can take somebody out of the group and AD will happily repsond that the user is a group member for several hours. You can easily check the AD answer using the squid auth helper. Probably this can be configured on the AD side but I am not an AD freak so I cannot help there.


   squid has all the caching mechanisms too.

check your TTL parameters on your squid authentication mechanism. For example:

auth_param basic credentialsttl 300 seconds

or

external_acl_type ldap_group ttl=300 %LOGIN


Those parameters can make squid 'thinks' a password is OK when it was changed, as well as believe a user is member of a group when it's not anymore.


--


	Atenciosamente / Sincerily,
	Leonardo Rodrigues
	Solutti Tecnologia
	http://www.solutti.com.br

	Minha armadilha de SPAM, NÃO mandem email
	gertrudes@xxxxxxxxxxxxxx
	My SPAMTRAP, do not email it






[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux