ons 2010-06-02 klockan 19:20 -0300 skrev Gerardo Herzig: > ProxyUsers entry for the user foo is: > UniqueMember: uid=foo,ou=Managers,o=Company > UniqueMember: uid=anotherfoo,ou=Sales,o=Company > > 1) Is there a way to test if the user foo is part of the ProxyUsers group? Yes. But you must also tell squid_ldap_group how to find the user object based on the login "foo". See the -F argument. If you are using squid_ldap_auth then -F should be set to the same as you use for -f in squid_ldap_auth. squid_ldap_group -b o=company -F "(&(uid=%s)(objectClass=person))" -f "(&(cn=%g)(uniqueMember=%u))" ... > 2) It is possible to tell squid_ldap_group to look for uid=foo in > Manager AND Sales, and if there is one try to use it? > Like if the filter could be "(uid=foo) _AND_ (ou=Managers _OR_ ou=Sales)"? Yes, but why? Regards Henrik
