[squid-users] Re: ntlm won't prompt

From: Norman Zhang <nzhang@dont-contact.us>
Date: Tue, 15 Jul 2003 11:53:43 -0700

Mueller, Thomas wrote:
>>> But i want only to allow a specific NT Domain group
>> Fully possible. See the wb_group helper.
>>
>>> only specific NT4 Domain Users.
>> Also possible. See the proxy_auth acl type.
>
> Do I have to re-compile Squid then?
> I cannot find the helper after my installation in the "libexec"
> directory?!

I found out that you don't need to recompile squid. I copied
squid-2.5.STABLE3/helpers/external_acl/winbind_group/wb_group to my existing
vendor installed squid RPM folder (/usr/lib/squid). Then added the following
lines to /etc/squid/squid.conf

external_acl_type NT_global_group %LOGIN /usr/lib/squid/wb_group
acl ProxyUsers external NT_global_group ProxyUsers
acl AuthorizedUsers proxy_auth REQUIRED
http_access allow AuthorizedUsers ProxyUsers
http_access deny all

You need to define ProxyUsers Global Group in NT though.

HTH,
Norman
Received on Tue Jul 15 2003 - 12:53:50 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:00 MST