Could you post an extract of cache.log showing the squid_kerb_auth and
squid_kerb_ldap entries.
Markus
"Chris Richardson" <crichar@xxxxxxxxx> wrote in message
news:af01ca210908311222m104d2d2amdef43eca8e695999@xxxxxxxxxxxxxxxxx
Hi everyone here is what i am tring to do i want to use kerb for SSO
and use squid_kerb_ldap to do acls based on groups however i am
running into a problem normal kerb_auth works great but when i try to
use kerb_ldap i get aclMatchExternal: squid_kerb_ldap user not
authenticated (0)
here are snippets of the config
auth_param negotiate program /usr/lib/squid/squid_kerb_auth -d
auth_param negotiate children 10
auth_param negotiate keep_alive on
external_acl_type squid_kerb_ldap ttl=3600 negative_ttl=3600 %LOGIN
/usr/sbin/squid_kerb_ldap -d -g ProxyUsers@WINDOWSKDC
acl auth proxy_auth REQUIRED
acl ldap_group_check external squid_kerb_ldap
http_access allow ldap_group_check
http_access deny all
oh this is squid 3.0 on a win2003 AD domain
thanks
-Chris
