Re: [squid-users] squid_ldap_auth + openldap

From: toblo <squid@dont-contact.us>
Date: Tue, 06 Jan 2004 10:56:46 +0700

Hi Henrik,

My user object is look like this:
"uid=user1, ou=tld.com, o=vpop"

I'd like to be able to log at squid as "user1@tld.com". How can I check
the "user1" part to uid and "tld.com" part to ou?

Thanks,
toblo

----- Original message -----
From: "Henrik Nordstrom" <hno@squid-cache.org>
To: squid@tobloml.mailcan.com
Date: Tue, 6 Jan 2004 04:31:09 +0100 (CET)
Subject: Re: [squid-users] squid_ldap_auth + openldap

On Tue, 6 Jan 2004 squid@tobloml.mailcan.com wrote:

> Does anybody has examples of how using the filter search for
> squid_ldap_auth? I don't understand the ones in the man page or the one
> in RFC2254.

What does the user objects you want to search for look like? Specifically
what attribute carries the login name and what is the objectClass?

A very common LDAP user search filer is

  (&(uid=%s)(objectClass=Person))

this searches for a Person class object where the uid attribite equals to
the login name.

LDAP directories where the user objects look differently requires
different filters.

Regards
Henrik
Received on Mon Jan 05 2004 - 20:56:50 MST

This archive was generated by hypermail pre-2.1.9 : Sun Feb 01 2004 - 12:00:03 MST