[squid-users] http_access and ntlm_auth

From: Jansen, Jan <jjansen@dont-contact.us>
Date: Tue, 2 Aug 2005 12:23:10 +0200

Hi!

I have a small authentication problem using squid-2.5.10_2 and
samba-3.0.14a,1.

Users at the Domain Controller (Win2K-Server) are in different groups:
Manager, Administrators and Internetusers.

Managers and Administrators should have access to all Sites, "normal"
Internetusers to all sites but the Denied_URLs.

My problem is, that Administrators and managers cannot access the cache
at all, if they are not included in the "Internetusers" group. Access to
the restricted URLs is not possible at all. Could anyone give me a tip?
Would be very helpful, I cant't see anything wrong...

acl all src 10.108.1.0/24
acl AuthorizedUsers proxy_auth REQUIRED
acl Internetuser external NT_global_group Internetusers
acl Administrators external NT_global_group Administrators
acl Manager external NT_global_group Manager
acl Denied_URLs dstdomain foobar.com www.foobar.com anotherexample.org
www.anotherexample.org

http_access allow Administrators
http_access allow Manager
http_access allow Internetusers !Denied_URLs
http_access deny all

Thanks a lot,
J. Jansen
Received on Tue Aug 02 2005 - 04:23:12 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Sep 01 2005 - 12:00:01 MDT