[squid-users] troubles using squid_kerb_auth and squid_kerb_ldap

From: Chris Richardson <crichar_at_gmail.com>
Date: Mon, 31 Aug 2009 15:22:46 -0400

Hi everyone here is what i am tring to do i want to use kerb for SSO
and use squid_kerb_ldap to do acls based on groups however i am
running into a problem normal kerb_auth works great but when i try to
use kerb_ldap i get aclMatchExternal: squid_kerb_ldap user not
authenticated (0)

here are snippets of the config

auth_param negotiate program /usr/lib/squid/squid_kerb_auth -d
auth_param negotiate children 10
auth_param negotiate keep_alive on

external_acl_type squid_kerb_ldap ttl=3600 negative_ttl=3600 %LOGIN
/usr/sbin/squid_kerb_ldap -d -g ProxyUsers_at_WINDOWSKDC

acl auth proxy_auth REQUIRED
acl ldap_group_check external squid_kerb_ldap

http_access allow ldap_group_check
http_access deny all

oh this is squid 3.0 on a win2003 AD domain

thanks
-Chris
Received on Mon Aug 31 2009 - 19:22:52 MDT

This archive was generated by hypermail 2.2.0 : Tue Sep 01 2009 - 12:00:04 MDT