>> Can Squid permit this behaviour ? > Yes. I love Squid !!!! I solved previous problem, there was specific setting for domain user. -----Messaggio originale----- Da: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] Inviato: Thursday, November 18, 2010 9:47 AM A: squid-users@xxxxxxxxxxxxxxx Oggetto: Re: R: [squid-users] LDAP authentication >>>> "Riccardo Castellani" 11/17/2010 1:46 PM >>>> > I'm using Squid 2.7 Stable3 in my network where some clients are in > workgroup while others in MS domain. > I'm testing LDAP Authentication by Active Directory and It likes that > it > works! > > I'd like allowing "web surfing" sequentially according to these rules: > > rule 1: by only IP ADDRESS > rule 2: by Active Directory USER (user can navigate from any pc) > rule 3: by Active Directory USER (user can navigate from specific > pc) > > Rule 1 is for computers whicg are in workgroup, so there are only local > > users. > Rule 2 is for computers in MS domain where every user MUST use his pc > Rule 3 is for computers in MS domain where "special users" (e.g. > director) > who can navigate from any pc. > > > Can Squid permit this behaviour ? > Yes. > -----Messaggio originale----- > Da: Chad Naugle wrote: > > Is the IP Address even stored in Active Directory for a signed-in user? > On 18/11/10 19:52, Riccardo Castellani wrote: > NO, IP Address is not stored into AD for a signed-in user. > I keep 'acl src' into squid.conf for every IP which needs to go to Internet > and I allow it permission by 'http_access' directive; by this list I'm able > to know what computers can surfing. > There is a MUCH easier way to do this. Lets gets your other "bizarre" problems fixed first then I'll describe it to you. Amos -- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.9 Beta testers wanted for 3.2.0.3