On Mon, 23 Sep 2002, Andrew Wilson wrote:
> Hi Henrik
>
> I have been reading though your archives, but unfortunately I have still not come right on one particular issue, which I am sure you will be able to guide me on:
>
> I wish to make squid, authenticate against a Microsoft Active Directory.
> The AD has been configured to allow anonymous browsing.
> if I run:"ldapsearch -x 'cn=Andrew Wilson' >andrew.txt" it works (see attached file)
> But, I still have no idea how to authenticate against this?
Based on your search output your user DN is
CN=Andrew Wilson,OU=Users,OU=ITS,OU=SRD,DC=za,DC=astgroup,DC=com
Assuming you want to use "Andrew Wilson" as login name to Squid you can
then use the following:
squid_ldap_auth -b "OU=Users,OU=ITS,OU=SRD,DC=za,DC=astgroup,DC=com
" -u CN
If you need to allow logins from more subtrees than the above tree or want
to use another attribute than CN as login name then you will need to use
the search mode of the helper.
Note: To use spaces in the login name you must use Squid-2.5.
Regards
Henrik
Received on Mon Sep 23 2002 - 07:28:33 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:23 MST