[squid-users] Re: squid_kerb_ldap multiple groups and granular http_access rules

From: Markus Moeller <huaraz_at_moeller.plus.com>
Date: Thu, 4 Nov 2010 23:00:43 -0000

Will all 3 groups have the same rights? Or do you want to block some users
and others not?

Markus

"Roy Anciso" <roy_at_manistee.org> wrote in message
news:AANLkTikJgqwiztr3Ubnk-KFG-tHJXeRg0jG7okR2M9tY_at_mail.gmail.com...
Hello,
I know with squid_kerb_ldap you can list multiple groups using a colon
- group1:group2. However, when I try to define http access rules for
specific groups I can't seem to get the acl right. At this point in
time I have separate external acls for each group to make this work
(see below). My question is - is there a better way to do this without
so many external acls defined? Thanks

external_acl_type kerbldapwebstaff ttl=3600 %LOGIN /usr/local/bin/squid_kerb_ldap -i -d -g webstaff@MAPS.MISD.LOCAL

external_acl_type kerbldapweballow ttl=3600 %LOGIN /usr/local/bin/squid_kerb_ldap -i -d -g weballow@MAPS.MISD.LOCAL

external_acl_type kerbldapwebdeny ttl=3600 %LOGIN /usr/local/bin/squid_kerb_ldap -i -d -g webdeny@MAPS.MISD.LOCAL

acl kerb_group_webstaff external kerbldapwebstaff
acl kerb_group_weballow external kerbldapweballow
acl kerb_group_webdeny external kerbldapwebdeny

http_access allow kerb_group_webstaff
http_access allow kerb_group_weballow
http_access allow kerb_group_webdeny

-- 
Roy Anciso
Director of Technology
Manistee Intermediate School District
772 East Parkdale Avenue
Manistee, MI 49660
Ph: 231-723-4264
Fx: 231-398-3036
roy_at_manistee.org
Received on Thu Nov 04 2010 - 23:01:08 MDT
