Hello, I need help! I have problem with 'squid_ldap_group'. Situation: There are domain (kng.local) with Active Directory (192.168.4.100), one of the group with access to the Internet named as 'internetusers' and 2 users in it: 'ldapreader' with pass '12345678' & 'testproxyad1' with the same pass '12345678'. It is necessary to setup & has working a proxy server with authorization by groups from Active Directory. Tries of decision: With ldapsearch i can see the group, what i need, command is: ldapsearch -D ldapreader@kng.local -w 12345678 -h 192.168.4.100 -b "dc=kng,dc=local" -x '(&(objectCategory=group)(cn=internetusers))' Output to console is: ... #internetusers, KNG-Services, kng.local dn: CN=internetusers,OU=KNG-Services,DC=kng,DC=local objectClass: top objectClass: group cn: internetusers member: CN=ldapreader,OU=KNG-Services,DC=kng,DC=local member: CN=testproxyad1,OU=KNG-Services,DC=kng,DC=local distinguishedName: CN=internetusers,OU=KNG-Services,DC=kng,DC=local name: internetusers sAMAccountName: internetusers objectCategory: CN=Group,CN=Schema/CN=Configuration,DC=kng,DC=local ... Well, command for authorized by users I used is: /usr/lib/squid/squid_ldap_auth -R -D ldapreader@kng.local -w "12345678" \ -b "dc=kng,dc=local" -f "sAMAccountName=%s" -h 192.168.4.100 and it's work: ldapreader 12345678 OK testproxyad1 12345678 OK But finaly, command for authorized by group doesn't work (variously variants I try are): 1) /usr/lib/squid/squid_ldap_group -d -v 3 -b "cn=internetusers,ou=KNG-Services,dc=kng,dc=local" \ -f "(?(objectClass=Group)(cn=%v)(memberUid=%a))" 2) /usr/lib/squid/squid_ldap_group -b "dc=kng,dc=local" -D ldapreader@kng.local -w 12345678 -f \ "(&(objectClass=group)(sAMAccountName=%v)(cn=%a))" -h 192.168.4.100 -d 3) /usr/lib/squid/squid_ldap_group -R -b "dc=kng/dc=local" -D ldapreader@kng.local -w 12345678 -f \ "(&(objectClass=person)(sAMAccountName=%v)(memberof=cn=%a,cn=Users,dc=kng,dc=local))" -h 192.168.4.100 4) /usr/lib/squid/squid_ldap_group -d -v 3 -b "cn=internetusers,ou=KNG-Services,dc=kng,dc=local" -f \ "(&(objectClass=groups)(cn=%a)(memberUid=%v))" -d 5) /usr/lib/squid/squid_ldap_group -R -b "cn=internetusers,ou=KNG-Services,dc=kng,dc=local" -f \ "(&(cn=%a)(objectClass=%g,cn=internetusers,dc=kng,dc=local))" -D ldapreader@kng.local -w 12345678 -h 192.168.4.100 Output to console is the same of all: Connected OK. group filter '...' searchbase '...' ERR There is no information in the "cache.log" about command 'squid_ldap_group' & I don't know in what direction looking for a solution. Please, help me to resolve this problem as quick as you can. Dancing with a tambourine around the proxy is not cool=) I will grateful to all comments & advices. Thanks. P.S. Sorry for the large volume of text & bad english. Best wishes, Paul