Hi all, could anyone give any suggestion for realize next scheme: User turn on the computer & after booting operate system, he enter login\password for authorize in domain (Active Directory). After logon in AD, he did not enter any login\password to access to the Internet. That is, he open any site in the web-browser & Squid don't ask him login\password, but authorized for user still was transparent. At this moment, scheme is follow: User logon in AD, open a web-browser, Squid ask him login\password. After checking is the user is present in base of AD, input correct log\pass & check whether he belongs to a group with access to the Internet (with 'squid_ldap_auth' & 'squid_ldap_group'), user can go to the Internet. When he close web-browser & repeatly open a web-browser, squid ask him log\pass again & check is repeat. So, a question is: how to do that user input log\pass only once (in logon in domain) & Squid will no longer ask him log\pass, but still was authorization? Maybe is there anything options with 'external_acl_type ... %LOGIN'? Or else where...
