Assume your executive of corporation, sit on his clerk desk PC, and login to his username on the network (authenticate with Active Directory), of course he wants his full access to internet, but he can't because his IP address is different from what we set in squid for his PC. we authenticate users in Active Directory, and set their gateways to squid server so we have a Transparent squid. we don't want our users to be authenticate for second time in Browser... Somehow I want to set acl to be 'username base' and then set the delay pools and classes we define to the IP of his computer, Is there a solution to this problem?
