On Thu, 26 Aug 2004, fx wrote:
Thanks for the reply, but I'm wondering how we would get the group?
Most easily via wbinfo_group.
In case of MS ADS you can also use squid_ldap_group.
Both comes with a short manual on how to use them, and is part of the Squid distribution.
I know that through the use of external helpers etc I can return squid an "OK" / "ERR" based on which group the user is in, but how would I say any user in group "Developers" goes through peer 10.10.10.1 and any user in groups "Janitors" or "Cleaners" go through 10.10.10.2.?
Only problem is that cache_peer_access does not like "slow" acls requiring external lookups very well. See earlier response on how to work around this.
All ACLs in Squid is "boolean". Either the ACL matches for the request or it does not.
Regards Henrik
