Re: [squid-users] Squid 2.5 & LDAP Authentication

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Tue, 17 Jun 2003 23:21:44 +0200

On Tuesday 17 June 2003 22.07, Cécile Leyman wrote:
> Quoting Henrik Nordstrom <hno@squid-cache.org>:
> > On Tuesday 17 June 2003 16.27, Cécile Leyman wrote:
> > > I think that openldap 2.0.x uses LDAPv3 by default to
> > > communicate. Squid communicates with LDAPv2.
> >
> > Squid does not care about LDAP versions. It just asks the helper
> > if the login+password is valid.
>
> I have compiled OpenLDAP (2.1.16) with ldapv2 support because the
> squid helper provided in squid 2-5-STABLE2-??122002 transmits its
> requests by using this protocol version.
> Without that feature, I can not authenticate my users, slapd
> rejects the request because it doesn't understand it --> "LDAPV2
> NOT ALLOWED".

The helper shipped with 2.5.STABLE3 optionally supports the use of
LDAPv3. LDAPv3 is a requirement for TLS encryption.

LDAPv2 support is enabled by default in the OpenLDAP installations I
have seen, but I have to admit that I have not yet used OpenLDAP
2.1.. checking.. yes it seems OpenLDAP 2.1 disallows LDAPv2 binds by
default but it may be enabled at runtime in slapd.conf with an "options
bind_v2" directive. There should be no need to recompile OpenLDAP
from what I can tell (or at least I found no evidence of any compile
time options for disabling/enabling different LDAP versions)

Regards
Henrik

-- 
Donations welcome if you consider my Free Squid support helpful.
https://www.paypal.com/xclick/business=hno%40squid-cache.org
If you need commercial Squid support or cost effective Squid or
firewall appliances please refer to MARA Systems AB, Sweden
http://www.marasystems.com/, info@marasystems.com
Received on Tue Jun 17 2003 - 15:20:32 MDT
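
Added example, not part of the original message and not Squid or OpenLDAP code: the protocol version discussed in this thread is the first field of the LDAP BindRequest, so it can be read from a captured bind to see what a helper actually sends. The function names, the sample DN and password, and the accept rule (a simplified model of the server behaviour described above) are assumptions made for illustration.

```python
# Added example: read the version field of an LDAP BindRequest (BER layout from RFC 4511).

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length

def bind_version(packet):
    """Return the protocol version carried in an LDAP BindRequest message."""
    tag, msg, _ = read_tlv(packet, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage SEQUENCE")
    tag, _msgid, pos = read_tlv(msg, 0)
    if tag != 0x02:
        raise ValueError("missing messageID")
    tag, op, _ = read_tlv(msg, pos)
    if tag != 0x60:                        # [APPLICATION 0], constructed
        raise ValueError("not a BindRequest")
    tag, ver, _ = read_tlv(op, 0)
    if tag != 0x02 or len(ver) != 1:
        raise ValueError("malformed version field")
    return ver[0]

def tlv(tag, value):
    if len(value) > 127:
        raise ValueError("sample builder only emits short-form lengths")
    return bytes([tag, len(value)]) + value

def simple_bind(version, dn, password, msgid=1):
    """Build a constructed simple-bind packet to use as sample input."""
    op = tlv(0x02, bytes([version])) + tlv(0x04, dn.encode()) + tlv(0x80, password.encode())
    return tlv(0x30, tlv(0x02, bytes([msgid])) + tlv(0x60, op))

def server_accepts(packet, v2_enabled=False):
    """Simplified model: LDAPv3 binds pass, LDAPv2 binds only when enabled."""
    version = bind_version(packet)
    return version == 3 or (version == 2 and v2_enabled)
```
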
