Re: [squid-users] Fw: squid_ldap_auth problem

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Tue, 18 Nov 2003 21:33:25 +0100 (CET)

On Tue, 18 Nov 2003, Steve Dickey wrote:

> Thanks for sending that. After poking around a bit, I was able to find
> that. It did not show up in the man section but I found the doc and was
> able to type man ./squid_ldap_auth.8 to bring it up.

Odd.. the examples has always been there in the squid_ldap_auth man page
shipped with Squid.

The squid_ldap_group manpage may look confusingly similar however and does
not have examples.

> My directory appears to allow anon queries but I have tried to bind the
> administrator account as well with the same results. The issue seems to
> resolve around the -u parameter.

If you use the filter mode the -u parameter is not relevant.

> When I set this to cn, the admin works, but no the users. When I set
> it to anything else, nothing works. I found and attribute called
> SAMAccountName which does seem to contain the userid that I need as
> opposed to the user name. (As you suggested, I think this is the root
> of my problem since the administrator account has the same user name as
> the userid/logon account)
>
> I am guessing I may need to use the -f search filter but am clueless as to
> the proper format and parameters. I have experimented with a few things but
> I either get no success or syntax errors with the ) or ( not in the right
> place.

See the second example in the documentation.

note that if testing from the command line then you need to quote the
complex arguments using "" or else the shell will try to parse the
paranteses.. You do not need to quote the arguments in squid.conf, but it
does not hurt. At the time the manpage was written quotes was not allowed
in squid.conf and is why the examples does not have any quotes around the
arguments.

Regards
Henrik
Received on Tue Nov 18 2003 - 13:33:32 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:21:22 MST