On Tue, 22 Mar 2005, Jayesh Kamdar wrote:
> OK, so you are saying squid_ldap_match and squid_ldap_group are the same.
No, I am saying that squid_ldap_group began it's life as squid_ldap_match,
but changed name to squid_ldap_group when it got merged into the Squid
distribution.
squid_ldap_match is no longer maintained separately, and is only kept on
the web page as a historical reference. For all practical purposes it is
better to use the squid_ldap_group shipped with Squid.
> And for the ldapsearch syntax, does this look right? I am binding as user
> jkamdar of group osis_proxyauth_lg and looking for user Smith, Jason J.
>
> ldapsearch -h ldapsrv1 -D
> "(&(cn=osis_proxyauth_lg)(member=uid=jkamdar,o=mitre.org))" -b "o=mitre.org"
> cn="Smith, Jason J."?
This looks raterh messed up use of ldapsearch.
If you would use what you specified to the -D option as search filter then
it would make sense yes.
user lookup:
ldapsearch -h ldapsrv1 -b "o=mitre.org" "cn=Smith, Jason J."
group lookup (assuming the above returned the DN uid=jkamdar,o=mitre.org):
ldapsearch -h ldapsrv1 -b "o=mitre.org" "(&(cn=osis_proxyauth_lg)(member=uid=jkamdar,o=mitre.org))"
Regards
Henrik
Received on Tue Mar 22 2005 - 15:32:14 MST
This archive was generated by hypermail pre-2.1.9 : Fri Apr 01 2005 - 12:00:02 MST