If users are a memebr of a certain AD group, they are granted access to the web. I have this working but there is a glitch.
I have to restart squid everytime I add or remove a user from the active directory group for the change to kick in. I could set up cron to restart squid every x amount of minutes but that is no good. see settings

auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 30
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes
auth_param ntlm use_ntlm_negotiate on

auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Squid Proxy Server
auth_param basic credentialsttl 2 hours

external_acl_type wbinfo_group_helper %LOGIN /usr/lib/squid/wbinfo_group.pl

acl ldapauth external wbinfo_group_helper ipcopusers

http_access allow ldapauth
http_access deny all

Any work arounds for this. I need to able to add an AD user to an AD group so they can have instant access to the web without me having to restart squid