Dear All/Amos, I want to allow certain(not all) Active Directory users to use squid by way of SSO with Active Directory. So means when any one from those specific users will login into Active Directory they should have automatically access to internet via Squid Proxy. Other AD users which have not permissions granted in Squid will be disallowed. Is it possible? How please guide in detail. This was my assumption of how it would be done: I needed to compile squid with these additional options --enable-basic-auth-helpers="LDAP" --enable-auth="basic,negotiate,ntlm" --enable-external-acl-helpers="wbinfo_group,ldap_group" --enable-negotiate-auth-helpers="squid_kerb_auth" Right?? I need to configure krb5.conf to point to AD as Default_realm on CENTOS 5.4 to right? I think that i must need to make Centos 5.4 member of the domain? Am i right or its not necessary How these specific AD users(with internet access allowed) will be told/mentioned to the squid? I have also studied your article http://wiki.squid-cache.org/ConfigExamples/Authenticate/Ldap?action=print However this is allowing all(not specific) Active Directory or LDAP users internet access. This logic is just checking the validity of user account with Active directory by popping up a login/password and if succeeded network access is granted. Am i right? Bottom line is that i am completely lost and have not much idea what and how to do it. We previously are using Microsoft ISA server and are about to move to Squid and this requirement is very necessary. regards, Bilal Aslam _________________________________________________________________ Hotmail: Free, trusted and rich email service. https://signup.live.com/signup.aspx?id=60969
