RE: [squid-users] squid+ntlm

From: David Renton <drenton@dont-contact.us>
Date: Mon, 5 Jul 2004 08:27:40 -0400

-----Original Message-----
From: Oles Hnatkevych [mailto:gnut@gw.alfabank.kiev.ua]
Sent: Monday, July 05, 2004 8:20 AM
To: squid-users@squid-cache.org
Subject: [squid-users] squid+ntlm

Hello guys! The problem is NTLM usernames in multiple rules.

Given: squid + NTLM authentication, unix.

How do I use different login names in different ACLs?

Example.

acl all_users proxy_auth "/usr/local/etc/squid/ntlm_users.txt"
acl restricted_users proxy_auth "/usr/local/etc/squid/restricted_users.txt"
acl restricted_urls url_regex -i "/usr/local/etc/squid/restricted_urls.txt"

http_access deny !all_users
http_access deny restricted_users !restricted_urls
http_access allow all

The second "http_access" rule tries to authenticate the user again. NTLM is
a weird scheme; the second authentication probe in the same request
is denied. I have not found an ACL that would match already authenticated
users. How to manage it all?

Thanks in advance!
***************************************************

This is not the answer you're looking for, but rather another way to
handle the situation. If you have domain admin rights on the NT PDC,
then create new groups, either global or local, and assign the users to
the groups. Then, using the squid wb_group helper, create your ACLs
based on group, instead of user.

-- david
Received on Mon Jul 05 2004 - 06:27:41 MDT
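
An added example, not part of either message above and not taken from the Squid distribution: a squid.conf sketch of the group-based approach David describes, reusing the original poster's URL list path. The helper install path, the external ACL name nt_group and the NT group names SquidUsers and SquidRestricted are assumptions; the existing NTLM auth_param lines are taken as already configured.

```conf
# Group lookup through winbind. %LOGIN passes the authenticated username
# to the helper, which answers OK/ERR for the group named in the acl line.
# Assumption: helper path depends on how Squid was built and installed.
external_acl_type nt_group %LOGIN /usr/local/libexec/squid/wb_group

# Assumption: these NT groups were created on the PDC and populated there,
# replacing ntlm_users.txt and restricted_users.txt.
acl proxy_users      external nt_group SquidUsers
acl restricted_group external nt_group SquidRestricted

# URL list unchanged from the original configuration.
acl restricted_urls url_regex -i "/usr/local/etc/squid/restricted_urls.txt"

# Same rule order as the original post, with group membership in place
# of the per-user proxy_auth lists.
http_access deny !proxy_users
http_access deny restricted_group !restricted_urls
http_access allow all
```

Group membership is then managed on the domain controller, so adding or removing a restricted user needs no change to the Squid configuration files.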
