Jack wrote:
>
> Hello Henrik,
> Thanks
> If I gave the command
> ldapsearch -x -b ou=Development,dc=ldap,dc=squid,dc=com -h ldap uid=jack
> I am getting an error:
> ldap_bind: Can't contact LDAP server
>
> but if I gave the command
> ldapsearch -x -D "uid=jack,ou=Development,dc=ldap,dc=squid,dc=com" -W -b
> 'ou=Development,dc=ldap,dc=squid,dc=com' "objectClass=*" ldap
> I was able to do it.

(assuming your LDAP server is named "ldap").

Hmm.. odd syntax for ldapsearch in how to specify the server name.

If all your users have DNs like
uid=<username>,ou=Development,dc=ldap,dc=squid,dc=com then there is no
need to search, and you should be able to use

    squid_ldap_auth -b ou=Development,dc=ldap,dc=squid,dc=com ldap

If you have users with DNs like
uid=<username>,ou=<department>,dc=ldap,dc=squid,dc=com
then you MUST use searching, and if your LDAP server does not allow
anonymous searches then you must specify a DN and password to perform
the searches as in

    squid_ldap_auth -D uid=jack,ou=Development,dc=ldap,dc=squid,dc=com -w password_for_jack -b dc=ldap,dc=squid,dc=com -f uid=%s ldap

The search filter should in most cases be made more narrow than only
"uid=<loginname>". It should also include objectClass and any other
filters needed to uniquely identify persons only. This is left as an
exercise to the reader.

Regards
Henrik
Received on Wed Dec 12 2001 - 03:43:57 MST
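
Added example, not part of Henrik's message and not squid_ldap_auth code: a small Python model of the search step described above, showing why a bare uid=%s filter can be ambiguous across departments while a filter that also tests objectClass resolves to one person. The directory entries, the helper names, the escaping of the login name and the rule of accepting only a single match are assumptions of this sketch.

```python
import re

# Constructed sample directory (DN, attributes); not data from the original post.
DIRECTORY = [
    ("uid=jack,ou=Development,dc=ldap,dc=squid,dc=com",
     {"objectClass": "person", "uid": "jack"}),
    ("uid=jack,ou=Builds,dc=ldap,dc=squid,dc=com",
     {"objectClass": "device", "uid": "jack"}),
    ("uid=anna,ou=Sales,dc=ldap,dc=squid,dc=com",
     {"objectClass": "person", "uid": "anna"}),
]

def escape_filter_value(value):
    """Escape filter metacharacters as RFC 4515 backslash-hex pairs."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\0" else c for c in value)

def build_filter(template, login):
    """Substitute the escaped login name for %s, as with the -f option."""
    return template.replace("%s", escape_filter_value(login))

def _unescape(value):
    """Turn backslash-hex pairs back into the literal characters."""
    return re.sub(r"\\([0-9a-fA-F]{2})",
                  lambda m: chr(int(m.group(1), 16)), value)

def search(base, ldap_filter):
    """Return DNs below base that match every attr=value term (AND only)."""
    terms = [(attr.lower(), _unescape(val))
             for attr, val in re.findall(r"([A-Za-z]+)=([^()]*)", ldap_filter)]
    hits = []
    for dn, attrs in DIRECTORY:
        lowered = {k.lower(): v for k, v in attrs.items()}
        in_scope = dn.endswith("," + base)
        if in_scope and all(lowered.get(a) == v for a, v in terms):
            hits.append(dn)
    return hits

def resolve_dn(base, template, login):
    """Search mode: return the DN to bind as only if exactly one entry matches."""
    hits = search(base, build_filter(template, login))
    return hits[0] if len(hits) == 1 else None
```

With the base dc=ldap,dc=squid,dc=com, the template uid=%s finds two entries for jack and resolve_dn returns None, while (&(objectClass=person)(uid=%s)) returns the single person entry.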