Hi I have tried to use only Kerberos authentication, but didn't work! I have already used the 3 way below:
1) auth_param negotiate program /usr/lib/squid3/negotiate_kerberos_auth 2) auth_param negotiate program /usr/lib/squid3/negotiate_kerberos_auth -s GSS_C_NO_NAME -i 3) auth_param negotiate program /usr/lib/squid3/negotiate_kerberos_auth -s HTTP/proxy.cms.ensino...@cms.ensino.br Now, kerberos and NTLM together is OK with Windows worstations, but with Linux appear the message in my Browser: "cache denied access". Thus, I have used the basic_ldap_auth to Linux machines. Following is authentication block the my squid.conf: ### Kerberos and NTLM ### auth_param negotiate program /usr/lib/squid3/negotiate_wrapper_auth -d --ntlm /usr/bin/ntlm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp --domain=CMS --kerberos /usr/lib/squid3/negotiate_kerberos_auth -d -s GSS_C_NO_NAME auth_param negotiate children 10 auth_param negotiate keep_alive off ### LDAP ### auth_param basic program /usr/lib/squid3/basic_ldap_auth -R -b DC=cms,DC=ensino,DC=br -D CN=proxy,CN=Users,DC=cms,DC=ensino,DC=br -w passwd -h 192.168.200.25 -p 389 -s sub -v 3 -f "sAMAccountName=%s" auth_param basic children 50 auth_param basic realm "Acesso Monitorado - CMS" auth_param basic credentialsttl 8 hours auth_param basic casesensitive off Now I would like to identify groups of the users (admins, managers and domain users) to create access profiles. How can I do this? ext_ldap_group_acl or ext_kerberos_ldap_group_acl ? Regards, Márcio
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users