Hi,
I have been trying to use squid_ldap_match with Active directory with not
much success, I have built everything but just can't see to get the
parameters correct.
I am also unsure whether I just have to use the match, or also do an
ldap_auth on the user beforehand - if you can clarify whether this is
required - thanks.
Ok, some background details:
Our LDAP AD server is on 193.116.22.122 and responds to ldap anonymous
searches on the usual ldap port 589
I am trying to match up a group which is situated in:
cn=INTERNETUSERS,cn=Users
The Base dn = dc=top,dc=sy,dc=turvy
Ok,
So I am trying to match the group with squid_ldap_match with Squid 2.5
stable2 compiled from source with openldap on Redhat 7.3 (fully patched)
(Standalone)
squid_ldap_match -b "dc=top,dc=sy,dc=turvy" -f "(%(cn=%u)(cn=%g))" -h
193.116.22.122 -p 389
in the squid.conf file
external_acl_type ldap_group %LOGIN /path/to/squid_ldap_match
-b "dc=top,dc=sy,dc=turvy" -f "(%(cn=%u)(cn=%g))" -h 193.116.22.122 -p 389
acl firstrule external ldap_group INTERNETUSERS
I am particular interested in any debug options you can specify to further
debug whether I have the filter options correctly. How would I test these
filters out in relation to active directory as I don't know whether the %u
or %g are returning the correct values?
Can I capture what is sent to STDIN so I can look at the returned results?
Any help appreciated as there is not much documentation in using this with
Active directory
Many thanks
Craig
_________________________________________________________________
Get Hotmail on your mobile phone http://www.msn.co.uk/mobile
Received on Tue Apr 01 2003 - 16:02:29 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:35 MST