Re: [squid-users] NTLM auth and groupmembership from Amos Jeffries on 2008-11-13 (squid-users)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Fri, 14 Nov 2008 16:10:59 +1300 (NZDT)

> Ok, I scrapped the radius authentication and went back to NTLM. Is it
> possible to check for a group membership during/after authentication to
> allow a user to use SQUID? For instance, I want to be able to take away
> or grant access to the proxy based on an AD group membership.
>

Yes, its done with an external acl helper that checks group.

I can't seem to find a good config example but these sort of cover whats
needed:
http://wiki.squid-cache.org/KnowledgeBase/NoNTLMGroupAuth
http://wiki.squid-cache.org/ConfigExamples/WindowsAuthenticationNTLM?highlight=%28auth%29%7C%28group%29#head-b97c45f4010166071a17e433b4433cd642defc1f

Amos
Received on Fri Nov 14 2008 - 03:11:08 MST

This archive was generated by hypermail 2.2.0 : Fri Nov 14 2008 - 12:00:03 MST