On Thu, 2006-08-03 at 14:31 +0100, Plant, Dean wrote:> We are looking to use ntlm_auth with the --require-membership-of= option
> to restrict user access to the squid proxy.
>
> Although this is a works great, because nearly all our users are given
> Internet access, there is extra overhead of adding every user to the
> "Allow Internet Group". It would make sense (to me anyway) to
have the
> inverse of this option, so as default everyone is granted access except
> for a --not-member-of="Deny Internet Group". This allows simpler
> administration of the user access group, assuming you have less users
> being denied Internet access.
I think this is a useful idea. Can you file a bug, so at least it is
forgotten in two places?
Feel free to try and knock up a patch :-)
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc. http://redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :
http://lists.samba.org/archive/samba/attachments/20060805/73d2b0e4/attachment.bin