On 01/09/11 04:28, Nahuel Chaves wrote:
> im having troubles assigning ACL to ldap groups... i have this:
>
> external_acl_type gruposLDAP %LOGIN /usr/lib64/squid/squid_ldap_group
> -P -R -b OU=USUARIOS,DC=tierradelfuego,DC=gov,DC=ar -D proxyAuth -w
> password -f (&(objectClass=person)(sAMAccountName=%u)(memberOf=CN=%g,OU=GRUPOS,DC=tierradelfuego,DC=gov,DC=ar))
> -h 10.1.9.33 -s sub -v 3 -d
>
> acl ProxyA external gruposLDAP _GP_US_PROXY_A
> acl ProxyB external gruposLDAP _GP_US_PROXY_B
>
>
> acl ad_users proxy_auth REQUIRED
>
> http_access deny !ad_users
> http_access deny ProxyB
> http_access allow ProxyA
>
> http_access allow all
>
> but no matters if a user is in ProxyA or ProxyB ... it cant navigate
> through this proxy server. Any ideas?
Perhapse telling us what "cannot navigate" means will help.
Constant logins challenges? denial message? TCP hangs? what?
I notice you have the debug (-d) option configured. Perhapse your
cache.log will indicate the problem. If not then where are the debug
messages going?
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.15 Beta testers wanted for 3.2.0.10Received on Thu Sep 01 2011 - 05:02:23 MDT
This archive was generated by hypermail 2.2.0 : Thu Sep 01 2011 - 12:00:03 MDT