Thanks. I verified that this behaviour happens only for a specific domain user so I think I have to search problem in squid.conf or AD. -----Messaggio originale----- Da: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] Inviato: Thursday, November 18, 2010 9:44 AM A: squid-users@xxxxxxxxxxxxxxx Oggetto: Re: Ldap + active directory: bizarreauthentication >>>>> "Riccardo Castellani" 11/17/2010 2:24 PM >>>>> >> I tested Squid authentication by ActiveDirectory LDAP. >> I tried to navigate in these 2 cases: >> >> A) from clients which are in workgroup: if I type credentials of a >> domain >> user, surfing works fine. >> B) from clients which are into domain: if I type credentials of my >> domain >> user (current logged domain user) Squid requests again me credentials ! >> >> While I type credentials of another domain user (different from my >> current >> domain user) surfing works ! >> >> Suggestions ?! It's very bizarre behaviour ! >> > > ----- Original Message ----- > From: "Chad Naugle" wrote: > >> It really isn't bizzare, because that is how it is designed to work. It >> uses the credentials you provide to authenticate the user, and logs it >> that way. >> On 18/11/10 09:54, Riccardo Castellani wrote: >> B) from clients which are into domain: if I type credentials of my >> domain >> user (current logged domain user) Squid requests again me credentials ! >> While I type credentials of another domain user (different from my >> current >> domain user) surfing works ! > > > Read point B : > There is something wrong when Squid tests for validity of the "current logged domain user" credentials. They are either declared invalid by AD or that user is denied access through the proxy. Can't tell without seeing your configuration file. Amos -- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.9 Beta testers wanted for 3.2.0.3