vincent.blon...@ing.be wrote:
Hello,
I am trying to block Internet access for people member of one
specific
AD Security group called GSIFBENoInternetAccess but I get some issue
with it.
When I try the squid_ldap_group process from shell, the mechanism is
working well. my service account corre
>
>> Hello,
>>
>> I am trying to block Internet access for people member of one
specific
>> AD Security group called GSIFBENoInternetAccess but I get some issue
>> with it.
>>
>> When I try the squid_ldap_group process from shell, the mechanism is
>> working well. my service account correctly requ
Nordstrom'
Cc: squid-users@squid-cache.org
Subject: RE: [squid-users] Deny access to particular AD group on reverse setup
Nothing is different. They are all distribution groups, nothing is different.
# wbinfo --user-domgroups S-1-5-21-1735149609-2005929907-911163043-2553
S-1-5-21-173514
vincent.blon...@ing.be wrote:
Hello,
I am trying to block Internet access for people member of one specific
AD Security group called GSIFBENoInternetAccess but I get some issue
with it.
When I try the squid_ldap_group process from shell, the mechanism is
working well. my service account correct
Hello,
I am trying to block Internet access for people member of one specific
AD Security group called GSIFBENoInternetAccess but I get some issue
with it.
When I try the squid_ldap_group process from shell, the mechanism is
working well. my service account correctly requests our Active Director
tis 2009-09-15 klockan 13:32 -0400 skrev Nick Duda:
> Nothing is different. They are all distribution groups, nothing is different.
And still samba winbind is not returning the ..-7230 group SID (group3)
for your user SID... which means that as far as Samba winbind is
concerned you are not member
-545
-Original Message-
From: Henrik Nordstrom [mailto:hen...@henriknordstrom.net]
Sent: Tuesday, September 15, 2009 1:20 PM
To: Nick Duda
Cc: squid-users@squid-cache.org
Subject: RE: [squid-users] Deny access to particular AD group on reverse setup
What does the following commands return
K
>
>
>
>
> -Original Message-
> From: Henrik Nordstrom [mailto:hen...@henriknordstrom.net]
> Sent: Monday, September 14, 2009 4:55 PM
> To: Nick Duda
> Cc: squid-users@squid-cache.org
> Subject: RE: [squid-users] Deny access to particular AD group o
0x0)
> Got nduda noproxyuse from squid
> Could not lookup name noproxyuse
> Could not convert sid to gid
> User: -nduda-
> Group: -noproxyuse-
> SID: --
> GID: --
> Sending ERR to squid
>
> And I still get the "Access Denied" page.
>
>
>
>
>
proxyuse
> Could not convert sid to gid
> User: -nduda-
> Group: -noproxyuse-
> SID: --
> GID: --
> Sending ERR to squid
>
> And I still get the "Access Denied" page.
>
>
>
>
>
>
> -Original Message-
> From: Nick Duda
&g
Nordstrom'
Cc: squid-users@squid-cache.org
Subject: RE: [squid-users] Deny access to particular AD group on reverse setup
Do I need to compile something into squid for this? Here is what I get with I
use debug on wbinfo_group
[2009/09/14 09:54:17, 3] utils/ntlm_auth.c:check_plaintext_auth
gid
User: -jdoe-
Group: -noproxyuse-
SID: --
GID: --
Sending ERR to squid
-Original Message-
From: Henrik Nordstrom [mailto:hen...@henriknordstrom.net]
Sent: Friday, September 11, 2009 4:39 PM
To: Nick Duda
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] Deny access to
fre 2009-09-11 klockan 12:51 -0400 skrev Nick Duda:
> How can I configure squid to allow access to all users and block users in a
> certain AD group?
See the wbinfo_group helper. (external_acl_type)
Regards
Henrik
We are testing squid reverse proxy for OWA and want to allow access to all
except a certain group in AD. Currently I have squid configured to allow access
to people that are in a certain group via:
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
--require-membershi
Hi,
without password request prompt?
Just remove your authentication scheme in squid.conf
Regards
Yong
lharissa wrote:
Hi,
Does anybody know how to deny access without password request prompt?
Thank you
Lharissa
On Wed, 15 Dec 2004, lharissa wrote:
Does anybody know how to deny access without password request prompt?
Don't use a proxy_auth acl type as last acl on the http_access line
denying the access..
Regards
Henrik
>
> Hi,
> Does anybody know how to deny access without password request prompt?
> Thank you
> Lharissa
>
- Check the Squid FAQ on access controls.
M.
Hi,
Does anybody know how to deny access without password request prompt?
Thank you
Lharissa
On Thu, 25 Nov 2004, Ken Ara wrote:
I'm getting tired of 'referer spam' and so thought I
might send these folks a 403. However, using the
Webmin interface to Squid, I don't see which type of
ACL will do this. Most of my DENY lines are for
Browser Regexp or Client Address. How do we block a
refering
On Thu, 25 Nov 2004, Ken Ara wrote:
I'm getting tired of 'referer spam' and so thought I
might send these folks a 403. However, using the
Webmin interface to Squid, I don't see which type of
ACL will do this. Most of my DENY lines are for
Browser Regexp or Client Address. How do we block a
refering
Hi,
I'm getting tired of 'referer spam' and so thought I
might send these folks a 403. However, using the
Webmin interface to Squid, I don't see which type of
ACL will do this. Most of my DENY lines are for
Browser Regexp or Client Address. How do we block a
refering URL (or referer-regexp)?
Than
On Tue, Oct 05, 2004 at 12:23:38PM +0200, Peter Schulz-Kraus wrote:
> I want to deny access to as many webmailers as possible. Do You know
> any links, where I can find blacklists and stuff I can use with squid?
There are a few commercial proxy servers that have built-in filter
lists. This would b
Hello,
I want to deny access to as many webmailers
as possible.
Do You know any links, where I can find
blacklists and stuff I can use with squid?
Greetings, Peter
23 matches
Mail list logo