Search squid archive

squid3 two ldap groups

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I've succcessfully made squid authenticate against an AD environment but now I would like to use access groups I've defined in the AD itself. I have an group called Internet and another called somesites. Internet group would have full internet access as it's name suggests and somesites group would have access to a limited number of sites. This is what I have so far in my squid.conf

external_acl_type Group ttl=1 %LOGIN /usr/lib/squid3/squid_ldap_group -d -R -K -b dc=domain,dc=com -D squid@xxxxxxxxxx -W /etc/squid3/ldappass -f (&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%a,cn=Users,dc=domain,dc=com)) -h dc1.domain.com

acl password proxy_auth REQUIRED
acl GroupInternet external Group internet
acl Groupsomesites external Group somesites
acl sites dstdomain /etc/squid3/sitesfile

http_access allow sites password Groupsomesites
http_access allow password GroupInternet

http_access deny all

So far what I've achieved was that squid asks for the first group but it does not ask for the second group. At least that's what the cache log tells me when I put it in debug level 9.

It asks for "user somesites" when it validates the first http_access but when it goes to the second http_access it doesn't ask for "user internet", it's like it doesn't know what to do with it.

the version of squid is 3.1.19 by the way.

Please help me with this. I am stuck.

thanks in advance,

Osmany

----- Terminar mensaje reenviado -----






[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux