Find below the configurations placed in my config file auth_param basic program /usr/lib/squid/squid_ldap_auth -v 3 -b dc=openworld,dc=co,dc=ke -f "(&(uid=%s)(objectClass=zimbraAccount))" -h 192.168.111.130 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hour external_acl_type InetGroup ttl=300 %LOGIN /usr/lib/squid/squid_ldap_group -v 3 -b dc=openworld,dc=co,dc=ke -B "uid=zimbra,cn=admins,cn=zimbra" -w ldapadmin -f "(&(uid=%u)(objectClass=zimbraAccount))" -h 192.168.111.130 acl ldapauth proxy_auth REQUIRED acl InetAccess external InetGroup Admins http_access allow InetAccess http_access allow my_network For authentication of a single user it works since it asks for authentication but group authentication it aint. Regards On Tue, Feb 23, 2010 at 11:29 AM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > Kevin Kimani wrote: >> >> Hi all, >> Am having a problem trying to authenticate a group that i have set up >> in my zimbra mail server. the users are stored in an ldap database >> thus thought that authentication would just be the same as other ldap >> databases. am able to authenticate users in singular but want to barr >> some users in a particular group. the command i have is letting >> everyone access the internet. "external_acl_type InetGroup %LOGIN >> /usr/lib/squid/squid_ldap_group -v 3 -b dc=xxxxxx,dc=co,dc=ke -f >> "(&(uid=%g)(objectClass=*))" -h xx.xx.xx.xx" >> would anyne have an idea how to go about it? am in terrible need for it to >> work. >> Regards > > external_acl_type merely runs a lookup helper, you have additional "acl" > lines specifying how its used and various http_access lines as well > specifying how the acl lines affect peoples HTTP requests. > We need to know all those other lines to tell what/why you have this > problem. > > Amos > -- > Please be using > Current Stable Squid 2.7.STABLE7 or 3.0.STABLE24 > Current Beta Squid 3.1.0.16 >
