RE: [squid-users] Squid 2.6 - Deny all users in a specific Active Directory OU (not group)

From: Kris Glynn <Kristen.Glynn_at_virginblue.com.au>
Date: Wed, 19 May 2010 13:17:44 +1000

Thanks for the info.

Can the same be achieved with the NTLM helper given this initial configuration ?

external_acl_type ldap_group ttl=300 children=40 %LOGIN /usr/lib/squid/wbinfo_group.pl

Can we allow/deny users in a specific OU with NTLM ?

Regards

- Kris Glynn: (07) 3295 3987 - 0434602997

-----Original Message-----
From: Henrik Nordström [mailto:henrik_at_henriknordstrom.net]
Sent: Wednesday, 19 May 2010 11:02 AM
To: Kris Glynn
Cc: squid-users_at_squid-cache.org
Subject: RE: [squid-users] Squid 2.6 - Deny all users in a specific Active Directory OU (not group)

ons 2010-05-19 klockan 10:54 +1000 skrev Kris Glynn:
> Thank you very much Henrik.
>
> A few things I would like to mention.
>
> 1. You specify using "external_acl_program" but I assume you mean "external_acl_type"

Correct.

> 2. What does the "X" mean in this acl line "acl ldap_service_accounts external ldap_service_accounts X"

It's a dummy group name. The helper is designed for group lookups and
not sure the helper is happy without a group argument. Actually ignored
due to the filter not including %g for group.

Regards
Henrik
The content of this e-mail, including any attachments, is a confidential communication between Virgin Blue, Pacific Blue or a related entity (or the sender if this email is a private communication) and the intended addressee and is for the sole use of that intended addressee. If you are not the intended addressee, any use, interference with, disclosure or copying of this material is unauthorized and prohibited. If you have received this e-mail in error please contact the sender immediately and then delete the message and any attachment(s). There is no warranty that this email is error, virus or defect free. This email is also subject to copyright. No part of it should be reproduced, adapted or communicated without the written consent of the copyright owner. If this is a private communication it does not represent the views of Virgin Blue, Pacific Blue or their related entities. Please be aware that the contents of any emails sent to or from Virgin Blue, Pacific Blue or their related entities may be periodically monitored and reviewed. Virgin Blue, Pacific Blue and their related entities respect your privacy. Our privacy policy can be accessed from our website: www.virginblue.com.au
Received on Wed May 19 2010 - 03:17:49 MDT

This archive was generated by hypermail 2.2.0 : Wed May 19 2010 - 12:00:06 MDT