Folks,
I'm trying to get a dual squid - dg setup working and so far it's working quite fine. It's the last part of my setup taht isn't working, the checking if some NT user is a member of a group. Proxy auth is working (ntlm scheme) According to the docs I have to add following:
external_acl_type nt_group ttl=0 children=20 protocol=2.5 %LOGIN /usr/lib/squid/wbinfo_group.pl
acl RestrictedGroups external nt_group NietSurfen
http_access deny RestrictedGroups
This way, RestrictedGroups should not be able to browse the internet. But this isn't working. I suspect that the wbinfo_group.pl script is malfunctioning. Is there a way to check this?
These are my version numbers, I'm running debian etch
Squid Cache: Version 2.6.STABLE4
configure options: '--prefix=/usr' '--exec_prefix=/usr' '--bindir=/usr/sbin' '--sbindir=/usr/sbin' '--libexecdir=/usr/lib/squid' '--sysconfdir=/etc/squid' '--localstatedir=/var/spool/squid' '--datadir=/usr/share/squid' '--enable-async-io' '--with-pthreads' '--enable-storeio=ufs,aufs,coss,diskd,null' '--enable-linux-netfilter' '--enable-linux-proxy' '--enable-arp-acl' '--enable-epoll' '--enable-removal-policies=lru,heap' '--enable-snmp' '--enable-delay-pools' '--enable-htcp' '--enable-cache-digests' '--enable-underscores' '--enable-referer-log' '--enable-useragent-log' '--enable-auth=basic,digest,ntlm' '--enable-carp' '--with-large-files' 'i386-debian-linux' 'build_alias=i386-
debian-linux' 'host_alias=i386-debian-linux' 'target_alias=i386-debian-linux'
1-semmanuel:/home/hermes# smbd -V
Version 3.0.23c
1-semmanuel:/home/hermes# wbinfo -V
Version 3.0.14a-Debian
1-semmanuel:/home/hermes# winbindd -V
Version 3.0.14a-Debian
--
Thanks,
Pieterjan Heyse
ICT Coördinator KSGWL - Scheppersinstituut
Scheppersinstituut Wetteren
Cooppallaan 128
9230 Wetteren
Tel: 09 3692072
Fax: 09 3661348
mailto:pieterjan.heyse@scheppers-wetteren.be
Received on Thu Oct 26 2006 - 02:27:47 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Nov 01 2006 - 12:00:04 MST