On Tue, 1 Sep 2009 17:07:52 +0530, Tejpal Amin <tejpal.amin@xxxxxxxxx> wrote: > AMos, > > I tried putting this line in the conf file but it did not work. > > My aim is to stop users not logging onto my AD domain from accessing > the internet. > I have configured NTLM authentication for my squid but the issue is > teh users not logging onto teh domain get a prompt for authentication. > > There should be no way of accessing teh internet for non domain users. > Which is exactly what that line I gave you does. I assume when you said "squid throws up an authentication dialog box" that you already had authentication working. This line replaces whatever you currently have doing "deny !auth" in your config and causing the dialog box to appear. The 'all' at the end of the line prevents the dialog being requested by Squid. Amos > Regards > Tej > > On Tue, Sep 1, 2009 at 2:54 PM, Amos Jeffries<squid3@xxxxxxxxxxxxx> wrote: >> Tejpal Amin wrote: >>> >>> HI, >>> >>> I have a squid proxy which uses NTLM authentication for authenticating >>> users. >>> >>> I would like to restrict access only to users logging onto domain for >>> the other users it should deny access. >>> The problem I am facing is that for machines that are not joined to >>> windows domain, the squid throws up an authentication dialog box. >> >> So you require authentication to use the proxy, but do not want Squid to >> notify the browsers about this critical requirement? >> >> >> http_access deny !auth all >> >> Where "auth" is whatever ACL name you have in your squid.conf to test >> authentication. >> >> >> Amos >> -- >> Please be using >> Current Stable Squid 2.7.STABLE6 or 3.0.STABLE18 >> Current Beta Squid 3.1.0.13 >>
