Hello, I have SQUID 2.7 STABLE 8 running on server 2008 R2 Core Windows servers with two AD forests where there is a two way transitive trust in place. The SQUIDs are in DomainA and we have Users in DomainA and DomainB. DomainA users are members of a domain local group that is used to allow internet access, called PRX-Allow_Internet. DomainB users are members of a universal group InternetUsers. The DomainB\InternetUsers group is nested in the DomainA\PRX-Allow_Internet group. I am using mswin_negotiate_auth.exe for authentication. Users in DomainA can access the internet. Users in DomainB are denied access to the SQUID proxies in DomainA. Is cross forest authentication possible? Is this unsupported or do I have a misconfiguration? Will provide squid.conf details on request. Thanks Ian -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/cross-forest-authentication-tp3963343p3963343.html Sent from the Squid - Users mailing list archive at Nabble.com.
