[x]
Posted via EE Mobile

Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.
Question
[x]
Attachment Details

squid+squidguard+ldap groups on AD

Asked by scaryskullz in Linux Network Security, Linux, Proxy/Firewall Anti-Virus

Tags: squid squidguard ldap groups

Hi I have been scratching my head to build the ldapsearch query for squidguard.
My current setup is
proxy : squid
uses ntlm auth to authenticate against windows 2003 AD
filter: squidguard
I am trying to match the user (sAMAccountName) with AD group membership.

My squidguard configuration looks like

src good_users {
        ldapusersearch ldap://ldapserver/cn=Inetusers,ou=Groups,dc=resunleasing,dc=com?sAMAccountName?sub?(sAMAccountName=%s)
}

Inetusers is a group in AD which has a list of allowed users.

I dont think it is matching the source.

my acl looks like
acl {
        good_users {
                pass    all
                redirect http://localhost/block.html
                }
        default {
                pass  none
                redirect http://localhost/block.html
        }
 }

It only defaults to default.
Any help or direction is appreciated.
[+][-]06/08/09 10:18 AM, ID: 24574228Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]06/08/09 10:44 AM, ID: 24574463Author Comment

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
 
Loading Advertisement...
20100315-EE-VQP-143 - Hierarchy / EE_QW_4_20070622