Re: [squid-users] Syntax Correct group_ldap_auth ?

From: ROUTIER Gilles <gilles.routier@dont-contact.us>
Date: Fri, 08 Nov 2002 12:15:04 +0100

This does not work, Henrik, I don't understand ...
The authentication is well made because if I make a mistake about the password, it asks me again to authenticate.
On the other hand, if the authentication is good, it sends me back "Acces Denied".

SQUID.CONF :
external_acl_type ldapgroup %LOGIN /usr/lib/squid/squid_ldap_group -b "ou=public,ou=cicoa,o=cnamts,c=fr" -f "(&(cn=%v)(uniquemember=uid=%d,*)(objectclass=groupOfUniqueNames))" -h hermes1.cicoa.cnamts.fr -p 389

acl group_Internet external ldapgroup GR-I-CICOA
http_access allow group_Internet
http_access deny all

LDAPSEARCH :
ldapsearch -x -b "ou=public,ou=cicoa,o=cnamts,c=fr" "(&(cn=GR-I-CICOA)(uniquemember=uid=ROUTIER-00138,*)(objectclass=groupOfUniqueNames))" -h hermes1.cicoa.cnamts.fr -p 389

RESULT :
version: 2

#
# filter: (&(cn=GR-I-CICOA)(uniquemember=uid=ROUTIER-00138,*)(objectclass=groupOfUniqueNames))
# requesting: ALL
#

# GR-I-CICOA, public, cicoa, cnamts, fr
dn: cn=GR-I-CICOA,ou=public, ou=cicoa, o=cnamts, c=fr
objectclass: top
objectclass: groupOfUniqueNames
objectclass: mailGroup
cn: GR-I-CICOA
description: Groupe Internet du CICOA
mail: GR-I-CICOA@cicoa.cnamts.fr
uniquemember: uid=ROUTIER-00138, ou=public, ou=cicoa, o=cnamts, c=fr
uniquemember: uid=GUILLOTIN-00185,ou=Public,ou=cicoa, o=cnamts, c=fr
uniquemember: uid=LAUBAT-00170, ou=public, ou=cicoa, o=cnamts, c=fr
uniquemember: uid=HEMERY-00078, ou=public, ou=cicoa, o=cnamts, c=fr
uniquemember: uid=BENOIT-00048, ou=public, ou=cicoa, o=cnamts, c=fr
uniquemember: uid=BOUVIER-00056, ou=public, ou=cicoa, o=cnamts, c=fr
uniquemember: uid=ROSE-00053, ou=public, ou=cicoa, o=cnamts, c=fr
uniquemember: uid=OLIVAUX-00105, ou=public, ou=cicoa, o=cnamts, c=fr
uniquemember: uid=GALLOU-00502, ou=public, ou=cicoa, o=cnamts, c=fr
uniquemember: uid=INTERNET.CEIR-00001,ou=public, ou=cicoa, o=cnamts, c=fr
uniquemember: uid=INTERNET.CNF-00001,ou=public, ou=cicoa, o=cnamts, c=fr
uniquemember: uid=INTERNET.PROD-00001,ou=public, ou=cicoa, o=cnamts, c=fr
uniquemember: uid=INTERNET.SIEGE-00001,ou=public, ou=cicoa, o=cnamts, c=fr
uniquemember: uid=peyraud-00163,ou=public, ou=cicoa, o=cnamts, c=fr
uniquemember: uid=GARCIA-00153,ou=Public,ou=cicoa, o=cnamts, c=fr
uniquemember: uid=CHARLUET-00035, ou=public, ou=cicoa, o=cnamts, c=fr
uniquemember: uid=BRAULT-00020, ou=public, ou=cicoa, o=cnamts, c=fr
uniquemember: uid=TUFFERY-00521,ou=public, ou=cicoa, o=cnamts, c=fr
uniquemember: uid=SAULOU-00169, ou=public, ou=cicoa, o=cnamts, c=fr
uniquemember: uid=assist.dir-00001,ou=public, ou=cicoa, o=cnamts, c=fr
uniquemember: uid=HOUILLOT-00728, ou=public, ou=cicoa, o=cnamts, c=fr

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

Thanks Gilles

Henrik Nordstrom wrote:

> Compare this to the search filter I proposed. You will find that almost
> all attributes need to be adjusted to match your LDAP structure.
>
> The objectClass is groupOfUniqueNames, not groupOfNames
>
> The group member attribute listing the names of the group members is
> uniquemember, not member.
>
> Regards
> Henrik
>
> ROUTIER Gilles wrote:
> >
> > Henrik Nordstrom wrote:
> >
> > > ldapsearch -x -b "ou=public,ou=cicoa,o=cnamts,c=fr" cn=INTERNET
> > >
> >
> > If I make the ldapsearch => ldapsearch -x -b "ou=public,ou=cicoa,o=cnamts,c=fr"
> > cn=GR-I-CICOA :
> >
> > dn: cn=GR-I-CICOA,ou=public, ou=cicoa, o=cnamts, c=fr
> > objectclass: top
> > objectclass: groupOfUniqueNames
> > objectclass: mailGroup
> > cn: GR-I-CICOA
> > description: Groupe Internet du CICOA
> > mail: GR-I-CICOA@cicoa.cnamts.fr
> > uid=ROUTIER-00138, ou=public, ou=cicoa, o=cnamts, c=fr
> >
> > I don't understand where the problem is.
> >
> > Regards
> > Gilles
Received on Fri Nov 08 2002 - 04:17:15 MST
