HI,
I have installed Squid-2.5.STABLE2 on an RedHat Advanced Server.
Until now we authenticated our users via LDAP with squid_ldap_auth. It
worked fined as long as we interrogating only one branch of our LDAP tree
Here is our LDAP configuration :
ou=Entity1, ou=public
/
c=fr, o=cnamts, - ou=Entity2, ou=public
\
ou=Entity3, ou=public
What is more, for each branch there are several user groups used to
handle different internet access rights (GR-I-EntityX-LevelY) through
squid_ldap_group
I though I read squid_ldap_auth could only cope with one LDAP-branch. Is
that correct or it is possible to work with several branches ?
If squid_ldap_auth can't, do you know any other mean to handle this case ?
Thanks
Louis
Here is a part of my squid.conf which currently manages 1 LDAP branch
-------------
auth_param basic program /usr/lib/squid/squid_ldap_auth -u uid -b
ou=public,ou=Entity,o=cnamts,c=fr -h @_IP_LDAP -p 389
auth_param basic children 10
external_acl_type ldapgroup %LOGIN /usr/lib/squid/squid_ldap_group -b
"ou=public,ou=Entity,o=cnamts,c=fr" -f
"(&(cn=%a)(uniquemember=uid=%v,*)(objectclass=groupOfUniqueNames))" -h
@_IP_LDAP -p 389
acl group_Internet external ldapgroup GR-I-Entity-Level1
acl group_Internet_all external ldapgroup GR-I-Entity-Level2
http_access allow group_Internet sitesLoc
http_access allow group_Internet_All sitesNat
--------------
Received on Thu Jun 05 2003 - 06:18:32 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:17:16 MST