RE: [squid-users] LDAP & Novell

From: Jay Turner <jturner@dont-contact.us>
Date: Wed, 11 Dec 2002 17:03:44 +0800

Hi Henrik

Thanks for the reply.

I tried both the following with no success:

./squid_ldap_auth -b "ou=boss,o=Alpha" -f '(&(uid=%s)(objectClass=person))'
10.18.41.12
jay password
ERR

./squid_ldap_auth -b "ou=boss,o=Alpha" -u cn 10.18.41.12
jay password
ERR
jayturner password
ERR

Do you have any other suggestions?

Netstat shows that a connection is definitely being made, and ldapsearch is
still returning details when i query the Netware server via it.
I am 100% certain the username/password are correct because I deleted and
recreated the user as well as creating a new user with no luck.

Thanks again for your time.

Regards
Jay

-----Original Message-----
From: Henrik Nordstrom [mailto:hno@marasystems.com]
Sent: Wednesday, 11 December 2002 4:29 PM
To: jturner@bsis.com.au; squid-users@squid-cache.org
Subject: Re: [squid-users] LDAP & Novell

First you need to select which attribute to use as login name.

  cn The users full name
  uid Unique login name

If using cn then you can simply use the "-u cn" option to tell
squid_ldap_auth that your users DN is constructed using cn as the
last component.

If using uid, or if you want to support having users in multiple
subtrees then you need to use the search mode
  -f '(&(uid=%s)(objectClass=person))'

Regards
Henrik

On Wednesday 11 December 2002 04.24, Jay Turner wrote:
> Hi All,
>
> Thanks to Henrik I have read the man page regarding
> squid_ldap_auth.
>
> A client has requested their Squid proxy validate usernames against
> their Netware 5.1 server. (LDAP v3 for NDS 8)
> LDAP is obviously the first way to attempt to do this.
>
> My Squid server is RH8.0, 2.4.18-14, Squid2.4-STABLE7,
> openldap-2.0.25-1, nss_ldap-198-3
>
> Unfortunately I know nothing about Netware. An external party has
> set up a development Netware server for me to try and authenticate
> against, the details are:
>
> IP: 10.28.41.12
> tree: NW51TREE
> o: Alpha
> ou: boss
> user (uid?): jay
>
> Can someone please give me a tip as to how I would use this
> information to validate against the netware server via
> squid_ldap_auth?
>
> I have tried the following basic test:
> ./squid_ldap_auth -b "ou=boss,o=Alpha" 10.18.41.12
> jay password
> ERR
>
> Using the following I am able to see all the information on the NDS
> server via ldapsearch
> ldapsearch -x -b 'ou=boss,o=Alpha' '(objectclass=person)' -h
> 10.18.41.12
>
> # jay, boss, Alpha
> dn: cn=jay,ou=boss,o=Alpha
> uid: jay
> sn: turner
> objectClass: inetOrgPerson
> objectClass: organizationalPerson
> objectClass: person
> objectClass: ndsLoginProperties
> objectClass: top
>
>
> Thanks in advance
> Jay
Received on Wed Dec 11 2002 - 01:58:05 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:02 MST