Selon Henrik Nordstrom <hno@squid-cache.org>:
> On Thu, 1 Apr 2004 apmailist@free.fr wrote:
>
> > auth_param basic program /PATH/proxy/libexec/squid_ldap_auth -b
> > ou=Person,dc=company,dc=com -f(uid=%s) -h ldapserver
> >
> > external_acl_type ldap_group %LOGIN /PATH/DEV/proxy/libexec/squid_ldap_auth
> -
> > b "ou=Applications,dc=company,dc=com" -B "ou=Person,dc=company,dc=com"
> -F(uid=%
> > s) -f(&(uid=%u)(cn=%g)) -h ldapserver
>
>
> The group filter should most likely read "-f(&(member=%u)(cn=%g))"
>
>
> What does your group objects look like in LDAP?
>
> Regards
> Henrik
>
>
The group shows up like this upon ldapsearch :
# ./ldapsearch -b cn=Internet,ou=Applications,dc=company,dc=com -h ldapserver
# extended LDIF
#
# LDAPv3
# base <cn=Internet,ou=Applications,dc=company,dc=com> with scope sub
# filter: (objectclass=*)
# requesting: ALL
#
# Internet, Applications, company.com
dn: cn=Internet,ou=Applications,dc=company,dc=com
objectClass: top
objectClass: groupofuniquenames
cn: Internet
uniqueMember: uid=test,ou=Person,dc=company,dc=com
uniqueMember: uid=test2, ou=Person, dc=company,dc=com
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
sincerely,
Andrew.
Received on Thu Apr 01 2004 - 05:37:51 MST
This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:01 MDT