First you need to select which attribute to use as login name.
cn The users full name
uid Unique login name
If using cn then you can simply use the "-u cn" option to tell
squid_ldap_auth that your users DN is constructed using cn as the
last component.
If using uid, or if you want to support having users in multiple
subtrees then you need to use the search mode
-f '(&(uid=%s)(objectClass=person))'
Regards
Henrik
On Wednesday 11 December 2002 04.24, Jay Turner wrote:
> Hi All,
>
> Thanks to Henrik I have read the man page regarding
> squid_ldap_auth.
>
> A client has requested their Squid proxy validate usernames against
> their Netware 5.1 server. (LDAP v3 for NDS 8)
> LDAP is obviously the first way to attempt to do this.
>
> My Squid server is RH8.0, 2.4.18-14, Squid2.4-STABLE7,
> openldap-2.0.25-1, nss_ldap-198-3
>
> Unfortunately I know nothing about Netware. An external party has
> set up a development Netware server for me to try and authenticate
> against, the details are:
>
> IP: 10.28.41.12
> tree: NW51TREE
> o: Alpha
> ou: boss
> user (uid?): jay
>
> Can someone please give me a tip as to how I would use this
> information to validate against the netware server via
> squid_ldap_auth?
>
> I have tried the following basic test:
> ./squid_ldap_auth -b "ou=boss,o=Alpha" 10.18.41.12
> jay password
> ERR
>
> Using the following I am able to see all the information on the NDS
> server via ldapsearch
> ldapsearch -x -b 'ou=boss,o=Alpha' '(objectclass=person)' -h
> 10.18.41.12
>
> # jay, boss, Alpha
> dn: cn=jay,ou=boss,o=Alpha
> uid: jay
> sn: turner
> objectClass: inetOrgPerson
> objectClass: organizationalPerson
> objectClass: person
> objectClass: ndsLoginProperties
> objectClass: top
>
>
> Thanks in advance
> Jay
Received on Wed Dec 11 2002 - 01:28:36 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:02 MST