I was writting about Squid and I arrive to a sample config file for using squid with OpenLdap. I really don’t know if you’re using squid … probably you should do it. And I don’t know if you’re using ldap … sure you’ve to. If you combine squid with ldap it allows you control who is browsing the web or who doesn’t it and the main thing is who ’cause squid relies on IP authorization method.
The problem: your method is not useful for me, you just check if the user is a valid user, your method doesn’t let us separate all users betwen authorized and non authorized.
The solution: you just need to copy authorized users inside a different OU in your ldap server. If you don’t know how to do it look for a ldap administrator … like me 🙂