I'm completely new to Squid and have run across a problem that I'm beating my head on. In my test lab I set up a CentOS server with Squid. I've configured winbind so that I'm joined to Microsoft 2003 domain controller. I've configured squid.conf so that it looks up users in Active Directory and either allows them access to a website or not depending upon their group. Happily everything works beautifully when testing using a workstation on the same subnet. However as soon as I join that workstation to the domain, I have issues. My two http_access rules for my authenticated users do not seem to work. My web browser does not prompt me to log in. So it seems that the authentication that happens when part of the domain is conflicting with what I'm doing with Squid. However this is where I get hopelessly lost. Below is the modified part of my smb.conf. Anybody have any ideas? auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 5 auth_param ntlm keep_alive on auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours auth_param basic casesensitive off acl authenticated proxy_auth REQUIRED external_acl_type ad_group %LOGIN /usr/lib/squid/wbinfo_group.pl acl banned_users external ad_group BannedUsers acl allowed_sites dstdomain "/etc/squid/allowed_sites" acl allowed_users external ad_group AllowedUsers # And finally deny all other access to this proxy http_access allow localhost http_access allow authenticated allowed_users http_access allow authenticated allowed_sites banned_users http_access deny all
