Re: [squid-users] squid+ldap authentication

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Tue, 4 Dec 2001 16:55:22 +0100

You do not have a flat LDAP namespace for your users. Consequently you need
to use the search mode of squid_ldap_auth to locate the user's DN.

See the documentation supplied with squid_ldap_auth.

Note: Squid ldap_auth from Squid-2.4.STABLE2 or later is required. Earlier
versions do not have search capabilities or mostly any other capabilities
for that matter.

Regards
Henrik

On Tuesday 04 December 2001 16.06, Jack wrote:
> Hello Henrik,
> I have the same problem in ldap auth
>
> ldapadd -f /usr/local/var/openldap-ldbm/squid.ldif -xv -D
> "cn=admin, dc=ldap, dc=squid, dc=com" -w secret
> ldapsearch -x -D "cn=admin,dc=ldap,dc=squid,dc=com" -W -b
> 'dc=ldap,dc=squid,dc=com' "objectClass=*" ldap
>
> # ldap, squid, com
> dn: dc=ldap, dc=squid, dc=com
>
> # admin, ldap, squid, com
> dn: cn=admin, dc=ldap, dc=squid, dc=com
>
> # Development, ldap, squid, com
> dn: ou=Development, dc=ldap, dc=squid, dc=com
>
> # Support, ldap, squid, com
> dn: ou=Support, dc=ldap, dc=squid, dc=com
>
> # jack, Support, ldap, squid, com
> dn: cn=jack, ou=Support, dc=ldap, dc=squid, dc=com
>
> # sathi, Development, ldap, squid, com
> dn: cn=sathi, ou=Development, dc=ldap, dc=squid, dc=com
>
> ldapsearch -x -D "cn=sathi,ou=Development,dc=ldap,dc=squid,dc=com" -W -b \
> 'ou=Development,dc=ldap,dc=squid,dc=com' "objectClass=*" ldap
>
> Enter LDAP Password:
> version: 2
>
> #
> # filter: objectClass=*
> # requesting: ldap
> #
>
> # search result
> search: 2
> result: 0 Success
>
> squid_ldap_auth -b 'ou=Development,dc=ldap,dc=squid,dc=com'
> ldap sathi sathi
> ERR
>
> Where did I make the mistake?
> Sorry if it is a basic question.
>
> Thanks
> Jack
>
> ----- Original Message -----
>
> > If your LDAP directory is structured using DN:s like
> >
> > UID=<login>, O=USM
> >
> > then squid_ldap_auth likes to be called as
> >
> > squid_ldap_auth -b O=USM your.ldap.server
> >
> > It will then automatically construct DN:s like the above and try to bind as
> > these.
> >
> >
> > To test binding as a user using your favorite LDAP tools use
> >
> > ldapsearch -x -D "UID=LARRY, O=USM" -W -b O=USM "objectClass=*"
> >
> > (older versions of OpenLDAP do not require the -x option)
> >
> > Regards
> > Henrik
>
> _________________________________________________________
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com
Received on Tue Dec 04 2001 - 08:54:43 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:13 MST
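
Added example, not part of the original messages and not squid_ldap_auth code: a small Python model of the two ways a login can be mapped to a bind DN, run over the DNs from Jack's ldapsearch listing. It assumes the constructed DN uses uid by default, as in Henrik's UID=<login> example; the function names and the simplified DN parsing are this example's own.

```python
"""Added illustration, not squid_ldap_auth code: how a login becomes a bind DN."""

# DNs copied from the ldapsearch listing quoted in the thread.
DIRECTORY = [
    "dc=ldap, dc=squid, dc=com",
    "cn=admin, dc=ldap, dc=squid, dc=com",
    "ou=Development, dc=ldap, dc=squid, dc=com",
    "ou=Support, dc=ldap, dc=squid, dc=com",
    "cn=jack, ou=Support, dc=ldap, dc=squid, dc=com",
    "cn=sathi, ou=Development, dc=ldap, dc=squid, dc=com",
]
ROOT = "dc=ldap,dc=squid,dc=com"
DEV = "ou=Development," + ROOT


def rdns(dn):
    """Split a DN into normalized (attr, value) pairs.
    Simplification: no escaped commas, which the sample DNs do not contain."""
    pairs = []
    for part in dn.split(","):
        attr, _, value = part.partition("=")
        pairs.append((attr.strip().lower(), value.strip().lower()))
    return pairs


# Normalized DN -> DN as listed, so lookups ignore spacing and case.
ENTRIES = {tuple(rdns(dn)): dn for dn in DIRECTORY}


def direct_dn(login, base, attr="uid"):
    """Flat-namespace mode: build <attr>=<login>,<base>; no lookup is done.
    Returns the DN only if such an entry exists (a bind would otherwise fail)."""
    dn = f"{attr}={login},{base}"
    return dn if tuple(rdns(dn)) in ENTRIES else None


def search_dn(login, base, attr):
    """Search mode: subtree search under base for an entry named attr=login.
    More than one hit is refused rather than guessed."""
    base_key = rdns(base)
    want = (attr.lower(), login.lower())
    hits = [dn for key, dn in ENTRIES.items()
            if key[0] == want and list(key[-len(base_key):]) == base_key]
    return hits[0] if len(hits) == 1 else None
```

With constructed DNs no single base covers both jack (ou=Support) and sathi (ou=Development), while a search from the root resolves each login to its own DN before the bind is attempted.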