Or depending on your setup and server os you could have squid point at
pam and have pam utilize the 3 ldap servers as the back end...
The former suggestion is better in my opinion, but pam would get the job
done (while introducing the joys of winbind possibly....)
The script makes more sense but sometime utilizing code someone else
wrote is a bit safer... YMMV
Pat
On Tue, 2007-05-15 at 12:02 -0300, Felipe Augusto van de Wiel wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 05/14/2007 09:53 AM, mjrenziehausen@comcast.net wrote:
> > Does anyone know of a way to query multiple LDAP servers using
> > the squid_ldap_auth? I am running 2.6STABLE9.
> >
> > What I'm really looking to do is perform an LDAP look up to
> > find a user in any one of 3 separate Windows domains.
>
> I never tried against multiple servers, but we use a
> custom shell script to authenticate our users, so you could
> create a shell script and with some "if then else" you should
> be able to test agains the 3 machines. Here is the line:
>
> auth_param basic program <path-to-script>
>
>
> Basically, the script need to answer using the SQUID
> auth protocol (OK or ERR), you could still use ldap_auth inside
> of it, just test the return or something related before test the
> next server.
>
>
> I hope this helps, kind regards,
>
> - --
> Felipe Augusto van de Wiel <felipe@paranacidade.org.br>
> Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
> http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300)
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFGSctvCj65ZxU4gPQRAqQvAKC/VHUWuI7XS65l+/5eg2SnBfP1+gCfauuW
> qbdPr+zh6ishoDVhf1kzFsI=
> =j39x
> -----END PGP SIGNATURE-----
Received on Tue May 15 2007 - 10:11:36 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Jun 01 2007 - 12:00:05 MDT