Grund, Andreas wrote: > I have a authorisation problem using external helper wbinfo_group.pl. We > have 2 trusted domains DOM_A and DOM_B (NT4 Domains). Authorisation to > DOM_A (squid server is member of DOM_A) works fine, but users belonging to > DOM_B couldn't be authorized.
> For example: 'userB' belonging to group 'grpB' in domain 'DOM_B' tries to > open a page. Now wbinfo_group gets 'DOM_B+userB grpB' and is sending 'ERR' > to quid (could not lookup name). > If the parameter would be 'DOM_B+userB DOM_B+grpB', everything would be > fine (at least regarding my tests using wbinfo_group.pl directly from > shell). > # squid_auskunftD2 is global group in DOM_A > acl _auskunftD1_user external NT_global_group squid_auskunftD1 > # squid_auskunftD2 is global group in DOM_B > acl _auskunftD2_user external NT_global_group squid_auskunftD2 What if you changed these acls to be: acl _auskunftD1_user external NT_global_group DOM_A+squid_auskunftD1 acl _auskunftD2_user external NT_global_group DOM_B+squid_auskunftD2 Adam
