Mueller, Thomas wrote: >>> But i want only to allow a specific NT Domain group >> Fully possible. See the wb_group helper. >> >>> only specific NT4 Domain Users. >> Also possible. See the proxy_auth acl type. > > Do I have to re-compile Squid then? > I cannot find the helper after my installation in the "libexec" > directory?!
I found out that you don't need to recompile squid. I copied squid-2.5.STABLE3/helpers/external_acl/winbind_group/wb_group to my existing vendor installed squid RPM folder (/usr/lib/squid). Then added the following lines to /etc/squid/squid.conf external_acl_type NT_global_group %LOGIN /usr/lib/squid/wb_group acl ProxyUsers external NT_global_group ProxyUsers acl AuthorizedUsers proxy_auth REQUIRED http_access allow AuthorizedUsers ProxyUsers http_access deny all You need to define ProxyUsers Global Group in NT though. HTH, Norman
