LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 12-19-2010, 07:23 AM   #1
haw3d
LQ Newbie
 
Registered: Oct 2010
Posts: 1

Rep: Reputation: 0
Question squid acl for ldap users


hi
i implement sso for my network and users can surf internet by login in his accounts and log their user names. i want to put some acls on user names instead of group based. and also can use delay pools for manage used bandwidth.
for example:
user1 allow internet access BW 10kbps
user2 deny internet access
user3 allow internet access BW 20kbps
can implement this by squid? can you give help me?
Linux 2.6.22 - squid 2.6 stable 6 - AD: win2k3 server
authentication config:

PHP Code:
# START AUTHENTICATION     
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 10
#auth_param ntlm max_challenge_reuses 0
#auth_param ntlm max_challenge_lifetime 2 minutes
#auth_param ntlm use_ntlm_negotiate off
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Domain Proxy Server      
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
authenticate_cache_garbage_interval 10 seconds
## 
# Credentials past their TTL are removed from memory
authenticate_ttl 0 seconds
##
## acl entries to require authentication:
acl AuthorizedUsers proxy_auth REQUIRED
auth_param basic program 
/usr/lib/squid/squid_ldap_auth -"dc=ssotest,dc=com" --"cn=Administrator,cn=Users,dc=ssotest,dc=com" -"111111" -"(&(objectClass=person)(sAMAccountName=%s))" -u sAMAccountName -v 3 -P 192.168.10.1:389
# METHOD is LDAP
auth_param basic children 20
auth_param basic realm Endian Advanced Proxy Server
auth_param basic credentialsttl 60 minutes
acl for_inet_users proxy_auth REQUIRED
# END AUTHENTICATION 
excuse me for my bad English Thank you
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid ACL uwa45 Linux - Networking 1 06-11-2010 12:30 PM
squid acl Winanjaya Linux - Server 1 04-23-2009 11:03 AM
authenticating Squid users by ldap? linx win Linux - Server 1 04-09-2009 04:40 PM
LDAP ACL assistance don_wombat_73 Linux - Software 0 11-20-2008 08:54 AM
Squid ACL dfctve_end_user Linux - Networking 2 01-13-2003 09:30 AM


All times are GMT -5. The time now is 09:07 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration