RE: [squid-users] Re: ldapseach argument and the result of LDAP machine!

Dear Henrik,

I tried this and it seems I have the complete output information to be
debugged.

I gave this one:

###############
ldapsearch -h 192.168.2.2 -vx -D
CN=Administrator,CN=Users,DC=hov,DC=butanegroup,DC=COM -w XXXXXXXX -b
dc=hov,dc=butanegroup,dc=com > Output
###############

And then I checked the response of LDAP in Output file and I found these
about my users:

###################################################
# Hamed Majnoonian, Users, hov.butanegroup.com
dn: CN=Hamed Majnoonian,CN=Users,DC=hov,DC=butanegroup,DC=com
memberOf: CN=Internet,CN=Users,DC=hov,DC=butanegroup,DC=com
accountExpires: 9223372036854775807
badPasswordTime: 0
badPwdCount: 0
codePage: 0
cn: Hamed Majnoonian
countryCode: 0
description: XXXXXXXXXXXXXXXXXXXXXX
displayName: Hamed Majnoonian
givenName: Hamed
instanceType: 4
lastLogoff: 0
lastLogon: 0
logonCount: 0
distinguishedName: CN=Hamed
Majnoonian,CN=Users,DC=hov,DC=butanegroup,DC=com
objectCategory:
CN=Person,CN=Schema,CN=Configuration,DC=hov,DC=butanegroup,DC
 com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
objectGUID:: uslzjQi0IUim/XdZpf0OaQ==
objectSid:: AQUAAAAAAAUVAAAA/ibGSOsleSxDFwoy0QQAAA==
physicalDeliveryOfficeName: Butane Group
primaryGroupID: 513
pwdLastSet: 127183052515950126
name: Hamed Majnoonian
sAMAccountName: sharpknifeedge
sAMAccountType: 805306368
sn: Majnoonian
telephoneNumber: XXXXXXXXXXXXXXXXXX
userAccountControl: 66048
userPrincipalName: XXXXXXXXXXXXXXXXXXXXXX
uSNChanged: 1731100
uSNCreated: 1730978
whenChanged: 20040111163815.0Z
whenCreated: 20040111143411.0Z
##########################################

The above is a sample of my ID in the AD ...
So the question is how can I tell my squid_ldap_auth to check this
speficifc username when it wants to check the password with AD ?

Thank you again
Hamed

-----Original Message-----
From: Henrik Nordstrom [mailto:hno@squid-cache.org]
Sent: Wednesday, January 14, 2004 9:23 PM
To: Hamed Majnoonian
Cc: Henrik Nordstrom; squid-users@squid-cache.org
Subject: [squid-users] Re: ldapseach argument and the result of LDAP
machine!

On Wed, 14 Jan 2004, Hamed Majnoonian wrote:

> ############################################
>
> The question is, is it looks good?

No. From what I can tell that only contained a few public entries added
by
your DNS server, nothing about your users.

> The second question is I am still trying to tell squid_ldap_auth to
ask
> my LDAP with this argument:
>
> /squid_ldap_auth -h 192.168.2.2 -b dc=hov,dc=butanegroup,dc=com -f -u
> sharpknifeedge -D dc=hov,dc=butanegroup,dc=com

The -D option is not correct, and needs a -W (or -w) option.

The -D option MUST specify a correct DN of one of the users in your
directory. As indicated earlier the DN of Administrator should be
something like:

   CN=Administrator,CN=Users,DC=juno,DC=hov,DC=butanegroup,DC=com

Regards
Henrik
Received on Wed Jan 14 2004 - 11:30:49 MST