Hi,
i'm running a squid server with ldap-Authentication against an Active
Directory server in Domain A. This works fine with the following lines:
...
auth_param basic program /usr/local/squid/libexec/squid_ldap_auth -b
dc=domainname,dc=de -R -D XXXXXXX -w YYYYYYYY -f sAMAccountName=%s
servername
external_acl_type ldap_group %LOGIN
/usr/local/squid/libexec/squid_ldap_group -b dc=domainname,dc=de -D XXXXXX
-w YYYYYYY -f "(&(cn=%g)(member=%u)(objectClass=group))" -F
"(sAMAccountName=%s)" -h servername -p 389
acl Proxy-Group external ldap_group Proxy-Benutzer
acl ldap-password proxy_auth REQUIRED
http_access allow ldap-password localnet Proxy-Group
...
My Squid runs on a firewall with 3 interfaces, 1st interface is the
connection to my provider, 2nd interface is connected to "localnet". Now i
want to add a new ip-network on the 3rd interface. Within this network, a
new Windows 2000 Domain (Domain B) should be set up. Domain A is independant
from the domain in network B (no connection). Users from domain B should
have to use my proxy too, again with ldap-authentication and group-checking.
Is this possible? How?
Thanks for reply.
Christoph
Received on Wed Mar 31 2004 - 04:04:45 MST
This archive was generated by hypermail pre-2.1.9 : Thu Apr 01 2004 - 12:00:03 MST