In the topic of authentication against AD , foes anyone know how to base
acls on the group directive of AD , I am trying to use group-ldap-auth [
group-ldap-auth.sourceforge.net ] with success .
Guilherme Loch Waltrick Góes
www.voffice.com.br
>>> Henrik Nordström <hno@marasystems.com> 09/23 10:28 am >>>
On Mon, 23 Sep 2002, Andrew Wilson wrote:
> Hi Henrik
>
> I have been reading though your archives, but unfortunately I have
still not come right on one particular issue, which I am sure you will
be able to guide me on:
>
> I wish to make squid, authenticate against a Microsoft Active
Directory.
> The AD has been configured to allow anonymous browsing.
> if I run:"ldapsearch -x 'cn=Andrew Wilson' >andrew.txt" it works
(see attached file)
> But, I still have no idea how to authenticate against this?
Based on your search output your user DN is
CN=Andrew Wilson,OU=Users,OU=ITS,OU=SRD,DC=za,DC=astgroup,DC=com
Assuming you want to use "Andrew Wilson" as login name to Squid you can
then use the following:
squid_ldap_auth -b "OU=Users,OU=ITS,OU=SRD,DC=za,DC=astgroup,DC=com
" -u CN
If you need to allow logins from more subtrees than the above tree or
want
to use another attribute than CN as login name then you will need to
use
the search mode of the helper.
Note: To use spaces in the login name you must use Squid-2.5.
Regards
Henrik
Received on Mon Sep 23 2002 - 07:47:41 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:23 MST