Hallo all I have installed a new Redhat Fedora Core 2 machine to make authentication Squid Poxy (2.5.STABLE5-4.fc2.2) at ms active directory.
Look at my configuration: Squid.conf auth_param basic program /usr/lib/squid/squid_ldap_auth -b "dc=xyz,dc=local" - D "CN=ldapgroup,CN=USERS,DC=xyz,DC=local" -w "123456" -f "(&(sAMAccountName=%s)(objectClass=Person))" 192.168.0.1 auth_param basic children 5 auth_param basic realm Proxy Auth auth_param basic credentialsttl 2 hours external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group - b "dc=xyz,dc=local" -D "CN=ldapgroup,CN=TEMP,DC=xyz,DC=local" -w "123456" -f "(&(CN=%g)(member=% u))" -F "sAMAccountName=%s" 192.168.0.1 acl ulocal proxy_auth REQUIRED acl uldap_group external ldap_group internet http_access allow uldap_group This configuration is running well. Now my problem. I want that only users in my active directory may use the squid proxy who are in the group "internet". That dosn t happend. All users from the MS Active Directory can use the proxy. Has anybody an idea and can help me. Thanks a lot!