How do you mean "transparent proxy" ? Are you referring to the authentication
being transparent, or are you referring to using port 80 TCP redirection
rather than statically controlled proxy configurations in browsers?
Adrian
On Tue, Nov 27, 2007, Terry Dobbs wrote:
> Hey
>
> I have a transparent proxy setup using squid, winbind, samba, etc... I
> got sick of manually blocking IP addresses from accessing the internet
> and stumbled across an article (thank god for google!) that allows
> access based on AD Group.
>
> It pretty much looks like...
>
> external_acl_type ntgroup %LOGIN /usr/lib/squid/wbinfo_group.pl
> acl NoInternet external ntgroup NoInternet
>
> Then there is the http_access deny line that denies the NoInternet
> group.
>
> This seems to work fine, if a user belongs to the NoInternet group they
> are prompted for Username/Password and even if they put in the correct
> credentials they aren't allowed to go anywhere.
>
> My question is, instead of prompting for username/password if a user
> belongs to the group, how do I just redirect them to a page? No other
> time is my users prompted for authentication as it uses the NT "pass
> through" credentials, so not sure why it wants to prompt now.
>
> Hoping someone out there is doing something similar?
>
> Thanks!
-- - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support - - $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -Received on Tue Nov 27 2007 - 19:31:29 MST
This archive was generated by hypermail pre-2.1.9 : Sat Dec 01 2007 - 12:00:02 MST