Hello Henrik,
Thank you very much! :)
The undocumented (in Squid 2.5.STABLE1) parameter of "external" was the barrier to getting LDAP group control. The group control is working very well.
I recommend placing the group allow ACL definitions before the deny definitions in the squid.conf file. Hopefully the updated man page for squid_ldap_group reflects this?
Again, thank you.
Tim
-- ---------------------------------------------------------------------- Timothy E. Neto Computer Systems Engineer Komatsu Canada Limited Ph#: 905-625-6292 x265 1725B Sismet Road Fax: 905-625-6348 Mississauga, Ontario, Canada E-Mail: [EMAIL PROTECTED] L4W 1P9 ----------------------------------------------------------------------
Henrik Nordstrom wrote:
On Mon, 12 Jan 2004, Tim Neto wrote:
squid (pid 6251 6249) is running...
20040112 15:04:09| _*squid.conf line 83: acl kclit_grp ldap_group
kclit*_
The acl is almost correct, but is missing one word. It should read:
acl kclit_grp external ldap_group kclit
There has been thought about eleminating the need of the external keyword on acl types defined by external_acl_type, but this has not yet been done.
Note: some of the early examples for squid_ldap_group did the same error of forgetting the external keyword..
Regards Henrik
