|
#Hello community, I
am trying to connect my squid to my AD using ntml (i can't use
Kerberos). The problem is that I have not found a way to make the
groups I have in the AD look in the squid.
#this is my current config using ldap using basic auth
auth_param basic program
/ usr / lib / squid / basic_ldap_auth -P -R -b "dc = mi, dc =
company, dc = cu" -D cn = proxy, ou = ST, dc = mi, dc =
company, dc = cu -W /etc/squid/ldap.txt -f sAMAccountName =% s -v 3 -s sub
-h 192.168.1.10
external_acl_type
Group% LOGIN / usr / lib / squid / ext_ldap_group_acl -R -b
"dc = mi, dc = company, dc = cu" -D cn = proxy, ou = ST, dc =
mi, dc = company, dc = cu -W /etc/squid/ldap.txt -f "(& (objectclass = user)
(sAMAccountName =% u) (memberof = cn =% g, dc = mi, dc =
company, dc = cu))" -h 192.168.1.10
auth_param basic children 10
auth_param basic realm apolo.mi.empresa.cu
auth_param basic credentialsttl 2 hour
acl basic_ldap_auth proxy_auth REQUIRED
http_access deny! basic_ldap_auth
#from here i get 2 group
#
#i1 and i2
###########################
acl i1 external Group Internet1
acl i2 external Group Internet2
####################################################################################################
#####
#my configuration for ntml is
auth_param ntlm program / usr / bin / ntlm_auth
--diagnostics --helper-protocol = squid-2.5-ntlmssp --domain =
my.company.cu
auth_param ntlm children 10
auth_param ntlm keep_alive off
auth_param ntlm credentialsttl 2 hour
#What I want is to know how to use the groups that are in my
active directory, specifically Internet1 and Internet2.
#Every time I run "squid -k parse" it shows me an error in
the line where I define the external groups.
#I am
running version 3.5.27
--
Saludos Cordiales
Lic. Alex Gutiérrez Martínez
Tel. +53 7 2710327
|
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
