[squid-users] ldap_sasl_interactive_bind_s: Can't contact LDAP server

From: Dryhurst Daniel (RQ6) RLBUHT <Daniel.Dryhurst@dont-contact.us>
Date: Thu, 14 Dec 2006 13:07:00 -0000

Hi

I am trying to configure the squid proxy to authenticate users via LDAP
for internet access. The plain proxy with no authentication works fine.
Below are the contents of my squid.conf:

hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
auth_param basic program /usr/lib/squid/squid_ldap_auth -b "dc=rlbuht,dc=lan" -f "uid=%s" 172.20.33.3
auth_param basic children 5
auth_param basic realm rlbuht.lan
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
#http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow all
http_reply_access allow all
icp_access allow all
coredump_dir /var/spool/squid

This parses OK, and the service is happy starting and stopping etc.

However, there is still no authentication with the LDAP server. When I
run ldapsearch from the command line I get the following message:

[root@rq6squid01 ~] ldapsearch
Ldap_sasl_interactive_bind_s: Can't contact LDAP Server (-1)

I have tried pinging the LDAP server and it pings. I can also connect
via telnet to the server on port 389, so firewalls etc. all look OK.
It's probably something basic I have missed out or a syntax error. Anyone
have time to cast an experienced eye over this for me please?

Ta
Danny
Received on Thu Dec 14 2006 - 06:06:52 MST
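
Added example, not part of the original message or of Squid itself: a small Python check, run over the relevant lines of the posted squid.conf, that reports whether any http_access rule ever demands credentials. The `ldap_users` ACL name and the `FIXED` variant are assumptions made for illustration.

```python
import shlex

# Relevant lines from the squid.conf in the post above (helper line unwrapped).
POSTED = '''
auth_param basic program /usr/lib/squid/squid_ldap_auth -b "dc=rlbuht,dc=lan" -f "uid=%s" 172.20.33.3
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
#http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow all
'''

# Constructed variant (assumption, not from the post): require a login, then deny the rest.
FIXED = POSTED.replace(
    "http_access allow all",
    "acl ldap_users proxy_auth REQUIRED\nhttp_access allow ldap_users\nhttp_access deny all")

def audit_squid_auth(conf_text):
    """Return findings about whether http_access ever demands credentials."""
    has_helper, auth_acls, rules = False, set(), []
    for raw in conf_text.splitlines():
        tok = shlex.split(raw, comments=True)      # drops '#' comments
        if not tok:
            continue
        if tok[:3] == ["auth_param", "basic", "program"]:
            has_helper = True
        elif tok[0] == "acl" and len(tok) >= 3 and tok[2] == "proxy_auth":
            auth_acls.add(tok[1])
        elif tok[0] == "http_access" and len(tok) >= 3:
            rules.append((tok[1], {a.lstrip("!") for a in tok[2:]}))
    findings = []
    if has_helper and not auth_acls:
        findings.append("auth helper defined but no proxy_auth ACL: Squid never asks for credentials")
    for action, acls in rules:                     # http_access is first-match
        if acls & auth_acls:
            break                                  # credentials are demanded here
        if action == "allow" and acls == {"all"}:  # 'all' is 0.0.0.0/0 in the post
            findings.append("'http_access allow all' is reached without authentication: open proxy")
            break
    return findings

if __name__ == "__main__":
    for name, conf in (("posted", POSTED), ("fixed", FIXED)):
        print(name, audit_squid_auth(conf) or "no findings")
```

A bare `ldapsearch` takes its server from ldap.conf and attempts a SASL bind, so it does not test 172.20.33.3. `ldapsearch -x -H ldap://172.20.33.3 -b "dc=rlbuht,dc=lan" "uid=<username>"` exercises the same server, base and filter the helper uses.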
