tor 2002-11-07 klockan 14.39 skrev ROUTIER Gilles:
> I would like tu use group_ldap_auth
> I have a group which names INTERNET, and I would want that only the persons of this
> group can reach Proxy.
> But, I do not know or to specify the name of the group ?
> You can say to me if the syntax is correct?
It depends on what your LDAP group objects looks like.
> external_acl_type ldapou %LOGIN /usr/lib/squid/group_ldap_auth -b
> "ou=public,ou=cicoa,o=cnamts,c=fr" -f "(&(cn=INTERNET)(uid=%v)(ou=%a))" -h
> hermes1.cicoa.cnamts.fr -p 389
Your filter does not look right. "(&(cn=%v)(uid=%v))" might work, but
more likely the group filter you are after looks something like
"(&(cn=%v)(member=uid=%d,*)(objectClass=groupOfNames))".
What is the output of
ldapsearch -x -b "ou=public,ou=cicoa,o=cnamts,c=fr" cn=INTERNET
Regards
Henrik Nordström
MARA Systems AB, Sweden
Received on Thu Nov 07 2002 - 07:44:55 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:12 MST