Joost Kraaijeveld wrote: > All I want is that Squid checks whether the user that wants a page is > member of a certain group (Domain Admins). I have the wbinfo_groups.pl > installed in /usr/bin. I have installed Debian Sarge, kernel 2.6.3-1-686, > Samba 3.0.2a-Debian, Winbindd version 3.0.2a-Debian and Squid Cache > version 2.5.STABLE5 for i386-debian-linux-gnu. > > I have done all the tests described in the FAQ and they ran OK. Running > wbinfo_groups.pl seems to go OK: I start the script, answer with > "Domain\user Domain\group" and it returns OK if amember, ERR otherwise. > > I have no clue how to proceed.
Something like this should work for you: external_acl_type NTGroup %LOGIN /path/to/wbinfo_group.pl acl auth_users NTGroup "Domain Admins" http_access allow auth_users This covers the group helper. If you need help getting the basic/NTLM auth helpers working, see the Squid FAQ for details. There is also info in the default squid.conf that describes options you can pass the the external_acl_type parameter to control number of helper processes, time to cache helper replies, etc. Adam
