Hi,
does anyone knows wether is this scenario possible?
setup:
- squid 5.x
- host is domain joined (winbind)
- kerberos is configured and working
- squid uses as auth params kerberos/ntlm - ntlm - basic (ldap) in this order
- clients are all domain joined
- every user is a domain user
- some users are member of group "internet", some others are not
- permission is set to group members (internet)
challenge:
- the users without group membership (internet) should be forced to use basic auth (ldap) to give alternative user credentials (with group membership internet)
Some tries with auth_schemes were not succesful.
Customer use in its old setup (Microsoft Forefront TMG) with this feature (someone had built a workaround with a helper script in the past.)
I had never seen this, but the behaviour of it.
--
Mit freundlichen Grüßen
Thomas Müller
<<attachment: smime.p7s>>
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx https://lists.squid-cache.org/listinfo/squid-users
