[squid-users] Why need this for get "auth-sync" between squid and dansguardian?

From: Fran Márquez <fjmarquez.ext_at_chguadalquivir.es>
Date: Fri, 01 Apr 2011 14:12:49 +0200

I'm modifying the squid.conf file of my proxy server for replace "basic
auth" for "ntlm auth".

All work fine in squid, but when I use dansguardian, I've noticed that
dansguardian doesn't get the username if I remove this lines from
squid.conf:

------------------------------------------------
external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group -R
-b "dc=domain" -D "cn=proxy,cn=proxy,dc=domain" -w "proxy" -f
"(&(objectclass=person)
(sAMAccountName=%v)(memberof=cn=%a,ou=proxy,dc=domain))" -h 1.1.1.1

acl ldapLimited external ldap_group notAlowed
acl ldapTotal external ldap_group alowed

http_access allow ldapTotal all
------------------------------------------------

Note: 1.1.1.1 is dc ip address

I thought that this lines affects only to basic authentication since it
already was wrote before I start to implement the NTLM auth.

Anybody can explain me what this lines are doing exactly? I revised the
ldap groups refered in this lines (ldapLimited and ldapTotal) and it are
empty.

Regards,
F.J
Received on Fri Apr 01 2011 - 12:12:59 MDT

This archive was generated by hypermail 2.2.0 : Sun Apr 03 2011 - 12:00:01 MDT