Thank you for the quick reply. I have tried it with quotes the results are the same. It's not working. > On 9 Feb 2016, at 3:37 pm, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > >> On 10/02/2016 3:24 a.m., mathew abraham wrote: >> Could some point me to the right direction? >> I want to use ext_ldap_group_acl to allow certain users who are members of the ad group for example >> YouTube - Allowed, Twitter - Allowed >> Yes with the blank space and dash in the group name. For that reason I have create files /adgroups/youtube.txt and /adgroups/youtube.txt >> The content of the file is "YouTube - Allowed" and the other file "Twitter - Allowed" >> Within quotes. >> What am I doing wrong, the websites are blocked even if a user is in the allowed group. Please help. >> Extract from squid.conf below >> external_acl_type ldapgroup ttl=3600 negative_ttl=3600 %LOGIN /lib/squid/ext_ldap_group_acl -R -b "dc=mydomain,dc=com" -f "(&(samaccountname=%v) >> (memberof=cn=%a,dc=mydomain,dc=com))" -D squid@xxxxxxxxxxxx -w MyPassword -h mydomain.com >> acl allowtwitter external ldapgroup /adgroups/twitter.txtacl allowyoutube external ldapgroup /adgroups/youtube.txt >> acl twitter dstdomain twitter.comacl youtube dstdomain www.youtube.com >> http_access deny !allowtwitter twitterhttp_access deny !allowyoutube youtube >> http_access allow allowtwitterhttp_access allow allowyoutube > > To load the acl parameters from a file you need to put "" around the > filename in squid.conf. > > Like this: > > acl allowtwitter external ldapgroup "/adgroups/twitter.txt" > > acl allowyoutube external ldapgroup "/adgroups/youtube.txt" > > > The "" tells Squid its a filename and not a group called > '/adgroups/twitter.txt' etc. > > This strange filename syntax is why you cant just use quoted strings on > the acl line in the first place. > > Amos > > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
