NO, IP Address is not stored into AD for a signed-in user. I keep 'acl src' into squid.conf for every IP which needs to go to Internet and I allow it permission by 'http_access' directive; by this list I'm able to know what computers can surfing. -----Messaggio originale----- Da: Chad Naugle [mailto:Chad.Naugle@xxxxxxxxxxx] Inviato: Wednesday, November 17, 2010 7:53 PM A: Riccardo Castellani; squid-users@xxxxxxxxxxxxxxx Oggetto: Re: LDAP authentication Is the IP Address even stored in Active Directory for a signed-in user? --------------------------------------------- Chad E. Naugle Tech Support II, x. 7981 Travel Impressions, Ltd. >>> "Riccardo Castellani" <ric.castellani@xxxxxxxx> 11/17/2010 1:46 PM >>> I'm using Squid 2.7 Stable3 in my network where some clients are in workgroup while others in MS domain. I'm testing LDAP Authentication by Active Directory and It likes that it works! I'd like allowing "web surfing" sequentially according to these rules: rule 1: by only IP ADDRESS rule 2: by Active Directory USER (user can navigate from any pc) rule 3: by Active Directory USER (user can navigate from specific pc) Rule 1 is for computers whicg are in workgroup, so there are only local users. Rule 2 is for computers in MS domain where every user MUST use his pc Rule 3 is for computers in MS domain where "special users" (e.g. director) who can navigate from any pc. Can Squid permit this behaviour ? Travel Impressions made the following annotations ------------------------------------------------------------- "This message and any attachments are solely for the intended recipient and may contain confidential or privileged information. If you are not the intended recipient, any disclosure, copying, use, or distribution of the information included in this message and any attachments is prohibited. If you have received this communication in error, please notify us by reply e-mail and immediately and permanently delete this message and any attachments. Thank you."