I'm modifying the squid.conf file of my proxy server for replace "basic auth" for "ntlm auth".

All work fine in squid, but when I use dansguardian, I've noticed that dansguardian doesn't get the username if I remove this lines from squid.conf:


------------------------------------------------
external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group -R -b "dc=domain" -D "cn=proxy,cn=proxy,dc=domain" -w "proxy" -f "(&(objectclass=person) (sAMAccountName=%v)(memberof=cn=%a,ou=proxy,dc=domain))" -h 1.1.1.1

acl ldapLimited external ldap_group notAlowed
acl ldapTotal external ldap_group alowed

http_access allow ldapTotal all
------------------------------------------------

Note: 1.1.1.1 is dc ip address


I thought that this lines affects only to basic authentication since it already was wrote before I start to implement the NTLM auth.

Anybody can explain me what this lines are doing exactly? I revised the ldap groups refered in this lines (ldapLimited and ldapTotal) and it are empty.

Regards,
F.J

Reply via email to