On Tue, 31 May 2005 martin.mueller@stadt.wolfsburg.de wrote:
> the AD tree root is test.domain.de und the servername is dc1
>
> so i thing this should be correct after reading the squid_ldap_auth -h
> output:
>
> ./squid_ldap_auth -b test.domain.de -h 192.168.1.1 -f "SamAccountName=%s"
This is not a correct LDAP base DN.
Your base DN is most likely
dc=test,dc=domain,dc=de
and additionally many AD installations does not support anonymous searches
so you quite likely need to provide a binddn and bindpassword for the
search to work. It appears you can use the user@realm syntax for the
binddn to AD but officially it should be the LDAP DN of the user object.
AD can sometimes be slightly confusing in that the terms used in the
native AD interface is significantly simplified compared to the terms used
in the LDAP interface.
Regards
Henrik
Received on Tue May 31 2005 - 06:51:30 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Jun 01 2005 - 12:00:04 MDT