thanks for the reply Angel. I have read on the forums that these two helpers can be used together!?
On 7/24/07, Angel Mieres <[EMAIL PROTECTED]> wrote:
Hi nick, I don't have much experience on squid + Windows plataform but i recommend you to take the following way, you must try to separate authenticators and group clasificators by topic, i think you must use ntlm_auth with wbinfo_group or squid_ldap_auth with squid_ldap_group trying not mixing both. I hope this help you. nick w escribió: > Hi, > > I have had a look through the threads and see that there are a few > threads on this particular issue but dealing with Unix based squid > servers and not Windows platforms. I am having a little trouble > getting the squid_ldap_group helper working with NTLM_Auth and running > on a W2K3 server. With the config below when you try to browse the net > the browser just hangs trying to contact the website, no access denied > message appears and I am assuming that the browser has not had a > response back from squid. I have checked the cache.log file and I see > entries in there saying that the request matched a denied acl rule and > access is denied. If you are not in the AD group for denying inet > access you get the same browser hang. Not sure what to do from here. > > auth_param ntlm program c:/proxy/libexec/win32_ntlm_auth.exe > auth_param ntlm children 40 > auth_param ntlm max_challenge_reuses 0 > auth_param ntlm max_challenge_lifetime 2 minutes > auth_param ntlm use_ntlm_negotiate on > > auth_param basic children 5 > auth_param basic realm Squid proxy-caching web server > auth_param basic credentialsttl 2 hours > auth_param basic casesensitive off > > external_acl_type ldap_group %LOGIN > C:\Proxy\libexec\squid_ldap_group.exe -b OU=xxx,DC=xxx,DC=xxx -f > OU=xxx,DC=xxx,DC=xxx -F OU=xxx,DC=xxx,DC=xxx -h LDAP_server_name -p > 389 -S > > > > acl inet_deny external ldap_group > CN=No-Internet-Access,OU=xxx,DC=xxx,DC=xxx > > > > http_access deny inet_deny > > > > Any help would be greatly appreciated. > > __________ Informaci�n de NOD32, revisi�n 2413 (20070723) __________ > > Este mensaje ha sido analizado con NOD32 antivirus system > http://www.nod32.com > > >
