On ons, 2008-07-16 at 18:31 -0700, Zack Duchene wrote:
> I am having a very hard time getting the group external_acl to work with
> my active directory.
>
> Here is the command that I am using:
>
> external_acl_type InetGroup %LOGIN /usr/lib/squid/squid_ldap_group -R -b
> "dc=ADVANTAGE,dc=com" -D "cn=admin1,cn=USERS,dc=ADVANTAGE,dc=com" -w
> "**********" -f
> "(&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%a,cn=Users,dc=AD
> VANTAGE,dc=com))" -h 192.168.1.13
Are you sure the groups is in the Users container?
Usually one uses squid_ldap_group slightly differently, with -F for
looking up the user and then -f to see if that user is listed as a
member in the group object.. but both ways works for dual-indexed
directories such as MSAD. (where the user object also lists group
memberships).
Regards
Henrik
Received on Fri Jul 18 2008 - 01:27:55 MDT
This archive was generated by hypermail 2.2.0 : Fri Jul 18 2008 - 12:00:04 MDT