linux
Ruslan Samara, 2017-08-03 11:58:45

How to configure squid + sams2 config properly?

Good day. I set up everything according to the instructions https://serveradmin.ru/nastroyka-proksi-servera-na...
It works as a transparent proxy (only the redirect does not work, but this is not important yet), allows access to all sites and automatically logs in under all AD users.
The only caveat is that I don't know where and how to enter it so that access is forbidden for everyone and allowed only for a certain group of users in AD. Also, is it possible to have some kind of synchronization with AD? The traffic shows only those users whom I add to sams via the web interface.
wbinfo -u (-g) displays the correct list; everything is configured as it should be and works without errors, so apparently it only remains to configure the squid config.
#/etc/squid/squid.conf

#visual_hostname = proxy-srv.metall1c.local

auth_param ntlm program /usr/bin/ntlm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp --domain=METALL1C
auth_param ntlm children 20
auth_param ntlm keep_alive on
acl auth proxy_auth REQUIRED
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 20
auth_param basic realm Squid proxy-chaching web server
auth_param basic credentialsttl 8 hours

http_access allow auth

http_port proxy-srv:3128
cache_dir ufs /var/spool/squid 100 16 256
coredump_dir /var/spool/squid

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320

# TAG: acl
acl Sams2Time1 time MTWHFAS 00:00-23:59
acl Sams2Template1 proxy_auth METALL1C.LOCAL\lukmanovrr
acl Sams2Deny3 dstdom_regex instagram.com ok.ru
acl Sams2Fileext8 urlpath_regex bat cmd exe

# TAG: url_rewrite_access
acl Sams2Proxy dst 192.168.255.9
url_rewrite_access deny Sams2Proxy

# TAG: http_access
# Setup Sams2 HTTP Access here
http_access deny Sams2Template1 Sams2Fileext8
http_access deny Sams2Template1 Sams2Deny3
http_access allow Sams2Template1 Sams2Time1

# TAG: url_rewrite_program
# TAG: url_rewrite_children
# TAG: delay_pools
# TAG: delay_class
# TAG: delay_access
# TAG: delay_parameters
# TAG: http_access2
# TAG: icp_access

1 answer(s)
Andrew, 2017-08-03
@mblp

acl inet-users external nt_group inet-users
http_access allow inet-users # inet-users Remove your group
http_access allow auth
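
A squid.conf fragment for the group restriction asked about above, as an added example that is not part of the original thread. It assumes the AD group is called inet-users (the name used in the answer) and that the winbind group helper is installed at /usr/lib/squid/ext_wbinfo_group_acl, a path and file name that vary by distribution and Squid version.

```conf
# Added example, not from the original thread.
# Assumptions: AD group name "inet-users"; helper path below (Squid 3.x
# name; older packages ship the same helper as wbinfo_group.pl).

# The auth_param ntlm / auth_param basic lines stay as in the question.

# External ACL helper: asks winbind whether %LOGIN is a member of the
# group named on the acl line. ttl caches the answer for 300 seconds.
external_acl_type nt_group ttl=300 children-max=10 %LOGIN /usr/lib/squid/ext_wbinfo_group_acl

acl auth proxy_auth REQUIRED
acl inet-users external nt_group inet-users

# http_access is evaluated top to bottom and the first matching line
# decides, so the order below is what enforces the policy.

# 1. No valid credentials: challenge and refuse.
http_access deny !auth

# 2. Keep the SAMS2-managed section here so its deny rules (blocked
#    domains, file extensions) are evaluated before any allow line.
# TAG: http_access

# 3. Authenticated members of the AD group are allowed.
http_access allow inet-users

# 4. Everyone else is refused, including authenticated users outside
#    the group. A trailing "http_access allow auth" would undo this.
http_access deny all
```

After editing, `squid -k parse` checks the syntax and `squid -k reconfigure` reloads the running proxy.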
