.\" -*- mode: troff; coding: utf-8 -*- .\" Automatically generated by Pod::Man 5.01 (Pod::Simple 3.43) .\" .\" Standard preamble: .\" ======================================================================== .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>. .ie n \{\ . ds C` "" . ds C' "" 'br\} .el\{\ . ds C` . ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" .\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .\" .\" Avoid warning from groff about undefined register 'F'. .de IX .. .nr rF 0 .if \n(.g .if rF .nr rF 1 .if (\n(rF:(\n(.g==0)) \{\ . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF .\" ======================================================================== .\" .IX Title "EXT_WBINFO_GROUP_ACL 8" .TH EXT_WBINFO_GROUP_ACL 8 2024-01-18 "perl v5.38.2" "User Contributed Perl Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH NAME .Vb 1 \& ext_wbinfo_group_acl \- external ACL helper for Squid to verify NT Domain group membership using wbinfo. .Ve .SH SYNOPSIS .IX Header "SYNOPSIS" .Vb 1 \& ext_wbinfo_group_acl [\-dhK] .Ve .SH DESCRIPTION .IX Header "DESCRIPTION" \&\fBext_wbinfo_group_acl\fR is an installed executable script. It uses \fBwbinfo\fR from Samba to lookup group membership of logged in users. .PP This helper must be used in with an authentication scheme (typically Basic or NTLM) based on Windows NT/2000 domain users. .PP It reads from the standard input the domain username and a list of groups and tries to match each against the groups membership of the specified username. .SH OPTIONS .IX Header "OPTIONS" .IP \fB\-d\fR 12 .IX Item "-d" Write debug info to stderr. .IP \fB\-h\fR 12 .IX Item "-h" Print the help. .IP \fB\-K\fR 12 .IX Item "-K" Downgrade Kerberos credentials to NTLM. .SH CONFIGURATION .IX Header "CONFIGURATION" .Vb 3 \& external_acl_type wbinfo_check %LOGIN /path/to/ext_wbinfo_group_acl \& acl allowed_group external wbinfo_check Group1 Group2 \& http_access allow allowed_group .Ve .PP If the local perl interpreter is in a unusual location it may need to be added: .PP .Vb 1 \& external_acl_type wbinfo_check %LOGIN /path/to/perl /path/to/ext_wbinfo_group_acl .Ve .SH AUTHOR .IX Header "AUTHOR" This program was written by Jerry Murdock .PP This manual was written by Amos Jeffries .SH COPYRIGHT .IX Header "COPYRIGHT" .Vb 5 \& * Copyright (C) 1996\-2023 The Squid Software Foundation and contributors \& * \& * Squid software is distributed under GPLv2+ license and includes \& * contributions from numerous individuals and organizations. \& * Please see the COPYING and CONTRIBUTORS files for details. \& \& This program is put in the public domain by Jerry Murdock \& . It is distributed in the hope that it will \& be useful, but WITHOUT ANY WARRANTY; without even the implied warranty \& of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. .Ve .SH QUESTIONS .IX Header "QUESTIONS" Questions on the usage of this program can be sent to the \fISquid Users mailing list .SH "REPORTING BUGS" .IX Header "REPORTING BUGS" Bug reports need to be made in English. See https://wiki.squid\-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report. .PP Report bugs or bug fixes using https://bugs.squid\-cache.org/ .PP Report serious security bugs to \fISquid Bugs .PP Report ideas for new improvements to the \fISquid Developers mailing list .SH "SEE ALSO" .IX Header "SEE ALSO" The Squid FAQ wiki https://wiki.squid\-cache.org/SquidFaq .PP The Squid Configuration Manual http://www.squid\-cache.org/Doc/config/