From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-85290-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1Ks475-0004xs-Am
	for garchives@archives.gentoo.org; Mon, 20 Oct 2008 23:24:39 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 4CEA9E0206;
	Mon, 20 Oct 2008 23:24:38 +0000 (UTC)
Received: from genesis.genestate.com (unknown [212.21.116.18])
	by pigeon.gentoo.org (Postfix) with ESMTP id 18E38E0206
	for <gentoo-user@lists.gentoo.org>; Mon, 20 Oct 2008 23:24:38 +0000 (UTC)
Received: from [10.194.217.12] (souris.genestate.com [10.194.217.12])
	by genesis.genestate.com (Postfix) with ESMTP id 81D737F849
	for <gentoo-user@lists.gentoo.org>; Tue, 21 Oct 2008 00:24:48 +0100 (BST)
Message-ID: <48FD1340.6070304@genestate.com>
Date: Tue, 21 Oct 2008 00:24:48 +0100
From: Matt Harrison <iwasinnamuknow@genestate.com>
User-Agent: Thunderbird 2.0.0.12 (Windows/20080213)
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] squid with active directory
References: <48FD02DA.2070800@genestate.com>
In-Reply-To: <48FD02DA.2070800@genestate.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Archives-Salt: 91f6c16e-1dbb-46de-8182-e87cc4e59e5e
X-Archives-Hash: 2c065ba27a06d741f7a51d655cc9f27a

Let me clarify a little bit:

Before attempting this integration, I had an acl line like this:

acl internal src 10.194.217.0/24

And i'm allowing that like so:

http_access allow internal

I'm just not sure how to change this to allow access to authenticated 
users while prompting for those not authenticated.

As far as the guide I have mentioned goes, my kerberos and ldap are 
working perfectly and samba is joined to the domain. winbind is running 
and using the ntlm helper tests from the guide it appears that 
authentication for users against the AD is working.

The problem is that squid.conf is a very large config file and I've only 
ever played with a few options (1 acl, nothing more complex).

Any ideas appreciated

Matt