Hi all,
I have 2 NT groups on the BDC for Internet Access, one for limited access
(just a dozen urls) and one group for full access. I configured squid for
the full access users with NTLM and SMB_auth method of authentication.
I think I can have it done using 2 parallel squid configurations with 2
squid.conf files. However I would prefer to have it done within the same
squid.conf configuration.
Configuration for full access would be :
# Modification: Authenticate with NTLM for IE
auth_param ntlm program /opt/squid/libexec/squid/ntlm_auth DOMAIN\bdc
DOMAIN\bdc2
auth_param ntlm children 8
auth_param ntlm max_challenge_reuses 1
auth_param ntlm max_challenge_lifetime 2 minutes
# Modification: Authenticate with basic for Netscape
auth_param basic program /opt/squid/libexec/squid/smb_auth -W DOMAIN
auth_param basic children 8
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
authenticate_ttl 36000 minutes
...
acl internetacl proxy_auth REQUIRED
http_access allow internetacl
For the limited users it should be something like this acl :
Idem for authentication. For SMB_AUTH I could use it with -S parameter with
something like \\netlogon\proxyauth-limited
acl allowed_sites url_regex -i "/etc/squid/sites.txt"
http_access allow allowed_sites
http_access deny all
However I do not figure out how I can configure this for 2 NT GROUPS with
each different kind of access.
Can someone help me with this one?
Best Regards,
./koen
Koen Van Bossche
KONE International SA
KCO Telecom
Ave E. Van Nieuwenhuyse, 6
B - 1160 Brussels, Belgium
Tel : +32 (0)2 676.93.81
Fax : +32 (0)2 676.93.91
Received on Tue Oct 30 2001 - 01:37:47 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:03:12 MST