Thank you so much for your answer, Amos. It was really usefull.!
In addition, I would like to create groups in AD and access policies to
those groups. For example, the group "Blocked" will not access to
internet, "Restricted" will be able to browse some domains, etc. For
that taks, I use the ext_ldap_group_acl in this way:
auth_param ntlm program /usr/bin/ntlm_auth --diagnostics
--helper-protocol=squid-2.5-ntlmssp --domain=DOMAIN
auth_param ntlm children 10
auth_param ntlm keep_alive on
#
auth_param basic program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-basic
auth_param basic children 50
auth_param basic realm Squid
auth_param basic credentialsttl 2 hours
#
external_acl_type AD_Grupos ttl=10 children=10 %LOGIN
/usr/lib/squid3/ext_ldap_group_acl -b "dc=domain,dc=com" -d -D
squid@xxxxxxxxxx -W etc/squid3/ldappass.txt -f
"(&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%g,ou=SquidGroups,dc=domain,dc=com))"
-h dc@xxxxxxxxxx
Is this correct? I am newbie with this kind of features.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
