RE: LDAP authentication

From: R.Ilker Gokhan <>
Date: Mon, 1 May 2000 16:17:37 +0300

Ok.. ;)
Firstly, I think you shouldn't add search base to authneticate_program should change your own search base into the squid_ldap_auth.c
(#define SEARCHBASE ...)
second, add the 28,6 29,5 to debug_options in squid.conf and observe

Ilker G.

-----Original Message-----
From: Joel Taqueban []
Sent: Monday, May 01, 2000 6:22 AM
To: R.Ilker Gokhan;
Subject: Re: LDAP authentication

I've made the changes on your advise but still I'm having "Proxy
authentication failed" message:
Here's my new acl
authenticate_program /usr/local/squid/bin/squid_ldap_auth myldapservername
acl LAN src
acl ldap proxy_auth REQUIRED
http_access allow LAN ldap
http_access deny all

I've even changed the authenticate line with a search base and port:
authenticate_program /usr/local/squid/bin/squid_ldap_auth
myldapservername 389

Anything else I need to look into?
R.Ilker Gokhan wrote:
 Try:authenticate_rpogram ....................acl LAN src
your_network_ip/subnet_maskacl ldap proxy_auth REQUIREDhttp_access allow LAN
ldap /* you should determine for authnetication which ip or user group or
destination domain etc..*/http_access deny allGood luckIlker G.
-----Original Message-----
From: Joel Taqueban []
Sent: Monday, April 24, 2000 5:38 PM
To: R.Ilker Gokhan;
Subject: Re: LDAP authentication
I found this mail from the archive and tried to simulate having my users
authenticated first but I always get a 'Proxy Authentication failed" error.
even though my ldap server name is correct. What do you think is wrong.
authenticate_program /usr/local/squid/bin/squid_ldap_auth myldapservername
acl ldap proxy_auth REQUIRED
http_access allow ldap
http_access deny all
Please help
R.Ilker Gokhan wrote:
The authenticate_option is used to the older squid version. You should
remove it. Try in the squid.conf:
authenticate_program /usr/local/squid/bin/squid_ldap_auth <ldap_server_name>

Good luck..
Ilker G.
-----Original Message-----
From: David Minor []
Sent: Wednesday, April 19, 2000 11:15 PM
Subject: LDAP authentication
OK. We have been running squid for a while now with the
ncsa_auth authentication. This is fine as it goes, but we would l
ike to take advantage of our LDAP server for this purpose.
I have been trying to set this up using the external authentication
programs mentioned in the FAQ. Neither has been working for me.
Here is what I see:
1) The ldap_auth.c program. The instructions indicate that the
following line needs to be in squid.conf:
authenticate_options 389 xxx uid
When this is there however squid start up with the error:
parseConfigFile: line 642 unrecognized: 'authenticate_options 389 xxx uid'
Should this work or is there something different that I should do?
2) With the squid_auth_ldap program, when I try to run make on it
I get an error about no rule to make target.
Sorry if these are basic questions but I don't see them in the list
(Of course I'm open to trying any other solution that works!)
BTW This is squid 2.3STABLE51on a RedHat machine.
Received on Mon May 01 2000 - 07:19:19 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:53:12 MST