Re: [squid-users] Regarding Squid+Ldap

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Fri, 27 May 2005 07:04:16 +0200 (CEST)

On Thu, 26 May 2005, D & E Radel wrote:

> Sorry, but I am not familiar with OpenLDAP. I have only gotten this to work
> with Server 2003 Active Directory.
> Maybe someone else reading this can help. I am not sure what you will need
> for the "-f" parameter. Try this for some examples though:
>
> http://www.die.net/doc/linux/man/man8/squid_ldap_auth.8.html

this man page is included with the Squid distribution. I would recommend
reading the man page for the version you are using, not some other random
version found out on the Internet.

> I have read of people doing it this way:
> authenticate_program /usr/local/squid/bin/ldap_auth
> authenticate_options ldap.yourdomain.com 389 dc=yourdomain,dc=com uid
> authenticate_children 2

This syntax is for Squid-2.4 or earlier, and showing the use of the
third-party ldap_auth helper, not squid_ldap_auth shipped with Squid.

Squid-2.5 uses

auth_param basic program /path/to/squid_ldap_auth options...

> Modify the script and re-run until you get it working. Saves alot of typing
> errors on the commandline. Probably not the most elegant way of writing the
> script, but it works for me. :-)

The script can be simplified to just

#!/bin/sh
/path/to/squid_ldap_auth options...

Regards
Henrik
Received on Thu May 26 2005 - 23:04:19 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Jun 01 2005 - 12:00:03 MDT