We've been using several of the following on our squid NT boxes for a
while now:
acl sls_staff proxy_auth "c:/squid/etc/staff.txt"
http_access allow sls_staff
Seems to work fine - we require proxy auth using NT_auth for all users,
but the above allows members of the file staff.txt to drop out of the ACLs
earlier, and avoid some of the deny lines we use for non-staff users.
On 24 Nov 2004 at 20:05, Lars Roland wrote:
> Nope that is not god enough, I have squid working on group level with
> NTLM. using
>
> auth_param ntlm program ntlm_auth --helper-protocol=squid-2.5-ntlmssp
> auth_param basic program ntlm_auth --helper-protocol=squid-2.5-basic
> auth_param basic children 5
> auth_param basic realm Squid proxy-caching web server
> auth_param basic credentialsttl 2 hours
> external_acl_type nt_group %LOGIN /usr/lib/squid/wbinfo_group.pl
> acl AllowedNTGroups external nt_group "/etc/squid/acls/allowedntgroups"
>
> What I want to do is somthing like
>
> acl AllowedNTUsers external nt_users "/etc/squid/acls/allowedntusers"
>
> Using wbinfo_group.pl, for users does not cut it, it only works for
> groups.I want to be able to put Windows users in an external file and
> use them in a acl.
>
>
>
> On Wed, 24 Nov 2004 18:20:54 +0000, marc elsen <m_elsen@hotmail.com> wrote:
> >
> >
> >
> >
> > >
> > >Hi I have a question about controling individual windows users in
> > >squid, using NTLM auth (I whant to create acl's not only on group
> > >level, but also on user level). If someone knows the answar how to do
> > >this, then please email me here, I will gladly pay the first one that
> > >comes up with the answar, for his help.
> > >
> > >So 200USD to the first one that answers that question.
> > >
> >
> > Send 200USD to the FAQ maintainers after reading it.
> >
> > M.
> >
> > _________________________________________________________________
> > Free mail? MSN Hotmail ! http://www.msn.be/hotmail
> >
> >
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Shawn Wright, I.T. Manager
Shawnigan Lake School
http://www.sls.bc.ca
swright@sls.bc.ca
Received on Wed Nov 24 2004 - 12:51:07 MST
This archive was generated by hypermail pre-2.1.9 : Wed Dec 01 2004 - 12:00:01 MST