Squid 使用AD认证
配置文件如下:
[*] http_port 8080
[*] #auth ldap
[*] auth_param basic program /usr/local/squid/libexec/basic_ldap_auth -R -b "dc=test,dc=net" -D "cn=Administrator,cn=Users,dc=test,dc=net" -w "xxxx" -f sAMAccountName=%s -h 192.168.1.8
[*] #192.168.1.8 是AD; administrator和xxxx是此AD的用户名和密码
[*] auth_param basic children 5
[*] auth_param basic realm test.net
[*] auth_param basic credentialsttl 5 minutes
[*] acl test proxy_auth REQUIRED
[*] http_access allow test
[*] acl CONNECT method CONNECT
[*] redirect_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf
[*] cache_dir ufs /usr/local/squid/var/cache/squid 1024 16 256
[*] coredump_dir /usr/local/squid/var/cache/squid
[*] refresh_pattern ^ftp: 1440 20% 10080
[*] refresh_pattern ^gopher: 1440 0% 1440
[*] refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
[*] refresh_pattern . 0 20% 4320
[*] cache_effective_user squid
[*] cache_effective_group squid
[*] visible_hostname Firewall
如果要在squidGuard里启用LDAP认证,那squid里首先得启用LDAP认证.
具体代码就按官方的(删除了CN=...)
ldap://ldap.example.net/cn=administrator,ou=People,dc=example,dc=net?memberUid?sub(&(objectclass=posixGroup)(memberUid=%s))
页:
[1]