Re: [squid-users] squid_ldap_auth

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Fri, 6 Feb 2004 18:05:28 +0100 (CET)

On Fri, 6 Feb 2004, Dave Raven wrote:

> This would be the user:
> CN=Test User,OU=Users,OU=Branch1,DC=test,DC=co,DC=za

Is all users below OU=Users,OU=Branch1,... or do you have users in other
OUs as well?

Also, what should be used as the login name?

The man page for squid_ldap_auth has a couple of good examples to start
from. I would recommend using the search mode as this is most flexible on
both questions above.

> And this is the group he is a member of, that means
> He has internet access:
> CN=iNet,OU=Groups,OU=Branch1,DC=test,DC=co,DC=za

Group lookups is done by the squid_ldap_group helper.

Start with authentication. When authentication is running fine then move
into authorization using groups. The path to group based authorization
when authentication is correctly configured is pretty simple, but if
attemting both before you know authentication is running correctly may be
somewhat confusing.

Regards
Henrik
Received on Fri Feb 06 2004 - 10:05:38 MST

This archive was generated by hypermail pre-2.1.9 : Mon Mar 01 2004 - 12:00:02 MST