RE: [squid-users] squid_ldap_group binddn problem

From: Chris Perreault <Chris.Perreault@dont-contact.us>
Date: Tue, 22 Jun 2004 17:09:05 -0400

I know you can use the %s but I don't know if you can use it there. Doing a
lookup might not need a userid/password to perform the query. Try running
the command with a -f uid=%s
If that doesn't work then you might have to create a user that can only read
the container where the uid's are kept.

Chris Perreault

-----Original Message-----
From: Rafael Tonin [mailto:rtonin@cpd.ufrgs.br]
Sent: Tuesday, June 22, 2004 4:50 PM
To: squid-users@squid-cache.org
Subject: [squid-users] squid_ldap_group binddn problem

Hi,

Is there any way to pass the user/password supplied by the user at his/her
browser as the "-D binddn -w password" required by our directory for the
following search:

external_acl_type ldapgroup %LOGIN /usr/lib/squid/squid_ldap_group -D
"uid=????,ou=People,dc=ourdomain,dc=com" -w "????" -b
"ou=Group,dc=ourdomain,dc=com" -f
"(&(cn=%a)(memberUid=%v)(objectClass=PosixGroup))" ourldapserver

Or

Is it possible in any way to use the athentication provided by the
squid_ldap_auth module as the bind required for the search via
squid_ldap_group.

We wouldn't like to create a proxy user and anonymous access is no option
for us.

Really thanks in advance,

Rafael Tonin
Divisão de Rede e Suporte - CPD
Network Support - CPD
Universidade Federal do Rio Grande do Sul
Federal University of Rio Grande do Sul
e-mail: rtonin@cpd.ufrgs.br
www: www.cpd.ufrgs.br
Received on Tue Jun 22 2004 - 15:09:17 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Jul 01 2004 - 12:00:03 MDT