Hi, i'm running a squid server with ldap-Authentication against an Active Directory server in Domain A. This works fine with the following lines:
... auth_param basic program /usr/local/squid/libexec/squid_ldap_auth -b dc=domainname,dc=de -R -D XXXXXXX -w YYYYYYYY -f sAMAccountName=%s servername external_acl_type ldap_group %LOGIN /usr/local/squid/libexec/squid_ldap_group -b dc=domainname,dc=de -D XXXXXX -w YYYYYYY -f "(&(cn=%g)(member=%u)(objectClass=group))" -F "(sAMAccountName=%s)" -h servername -p 389 acl Proxy-Group external ldap_group Proxy-Benutzer acl ldap-password proxy_auth REQUIRED http_access allow ldap-password localnet Proxy-Group ... My Squid runs on a firewall with 3 interfaces, 1st interface is the connection to my provider, 2nd interface is connected to "localnet". Now i want to add a new ip-network on the 3rd interface. Within this network, a new Windows 2000 Domain (Domain B) should be set up. Domain A is independant from the domain in network B (no connection). Users from domain B should have to use my proxy too, again with ldap-authentication and group-checking. Is this possible? How? Thanks for reply. Christoph
