Share your knowledge at the LQ Wiki.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 05-25-2004, 03:39 AM   #1
LQ Newbie
Registered: Jan 2004
Distribution: Gentoo, RedHat, SUSE, Debian
Posts: 10

Rep: Reputation: 0
Squid authentication using Active Directory Groups will not work

Hello All,
I must be missing something obvious, cause I've been trying to find an explaination or a chunk of squid.conf that will help me with this issue FOR AGES!!.

Anyway here what's going on. I have a Squid server running on Fedora Core1 on my network. The server is using winbind
I'm trying to authenticate members of groups in my Windows 2000 Active Directory. Basically if you're not a member of these particular group you don't have Internet Access. I've gotten it to work with individual users, but it just can't work with AD Groups:

This is what I have now, I've commented out the parts pertaining to the Groups as you can see. (You can also see the last syntax I tried using the @) I switch between the two while testing. Just in case anyone comes back to tell me to remove the comments!

Relevent parts of Squid.conf

auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp 
auth_param ntlm children 5 
auth_param ntlm max_challenge_reuses 0 
auth_param ntlm max_challenge_lifetime 20 minutes 

auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic 
auth_param basic children 5 
auth_param basic realm Squid proxy-caching web server 
auth_param basic credentialsttl 2 hours 


# acl AuthorisedUsers proxy_auth REQUIRED 
acl squidusers proxy_auth MYDOMAIN\USER1 mydomain\user1 
# acl squidusers proxy_auth @"MYDOMAIN\WWW-ACCESS" 


# http_access allow AuthorisedUsers 
http_access allow squidusers 
# And finally deny all other access to this proxy 
http_access allow localhost 
http_access deny all
If I run wbinfo -g I am able to view all the groups in AD. The AuthorisedUsers acl is there from a previous test. What am I missing??? Could it have something to do with case-sensitivity???

Old 05-25-2004, 12:54 PM   #2
LQ Newbie
Registered: Jan 2004
Distribution: Gentoo, RedHat, SUSE, Debian
Posts: 10

Original Poster
Rep: Reputation: 0


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid Authentication to Active Directory BuRnInICE Red Hat 2 06-03-2011 04:55 AM
Active Directory Authentication zenix SUSE / openSUSE 29 03-22-2007 10:00 AM
active directory authentication mozilla Linux - Networking 2 02-21-2005 04:55 AM
Squid Authentication Active Directory BuRnInICE Linux - Networking 1 10-27-2004 08:02 AM
Active Directory Groups with Samba??? beat_researcher Linux - Networking 0 06-14-2004 04:33 PM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 11:33 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration