Results 1 to 1 of 1
If users are a memebr of a certain AD group, they are granted access to the web. I have this working but there is a glitch. I have to restart ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 03-30-2010 #1
- Join Date
- Dec 2008
squid group authentication from AD
If users are a memebr of a certain AD group, they are granted access to the web. I have this working but there is a glitch.
I have to restart squid everytime I add or remove a user from the active directory group for the change to kick in. I could set up cron to restart squid every x amount of minutes but that is no good. see settings
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 30
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes
auth_param ntlm use_ntlm_negotiate on
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Squid Proxy Server
auth_param basic credentialsttl 2 hours
external_acl_type wbinfo_group_helper %LOGIN /usr/lib/squid/wbinfo_group.pl
acl ldapauth external wbinfo_group_helper ipcopusers
http_access allow ldapauth
http_access deny all
Any work arounds for this. I need to able to add an AD user to an AD group so they can have instant access to the web without me having to restart squid