sounds like you have a bit of a hybrid solution going with the proxy.pac
handling some of the ACL work. Depending on the size of user base you
are dealing with, you could have various ACLs in squid based on client
IP. Otherwise you might be looking at using one of the built-in squid
auth mechanisms. NTLM auth might allow you to tie into AD.
bradb28 wrote:
> I currently have 1 squid proxy i'm using for my company configured to block
> all web access allowing only access to sites that I have on a proxy.pac file
> which is located under var/www/html/proxy.pac I currently have 2 groups
> within Active Directory. The first group is a managed user group which is
> the group I point too the proxy to block all web access only allowing sites
> approved on the proxy.pac file. The 2nd user group within Active directory
> is a un-managed user group which have full access to the internet because
> they don't point to the proxy. To make a long story short what I wanted to
> know if it can be done and how.... Is there a way to continue blocking the
> manage user group only allowing them access to websites on the proxy.pac
> file and also start pointing the un-managed group to the same proxy giving
> them total access to the internet but blocking various sites I.E. Porn
> etc.... Or would it be better just to configure a second proxy and point the
> un-managed users to it? Please advise
>
> New Squid User
>
Received on Fri Nov 21 2008 - 18:41:24 MST
This archive was generated by hypermail 2.2.0 : Sat Nov 22 2008 - 12:00:03 MST