Re: [squid-users] user authentication using multiple LDAP servers.

From: Henrik Nordström <henrik_at_henriknordstrom.net>
Date: Wed, 12 May 2010 22:14:53 +0200

ons 2010-05-12 klockan 16:18 +0530 skrev Sagar:

> Is squid able to authenticate users from 2 different LDAP servers for
> company A & Company B. (ldap.companyA.com, ldap.companyB.com)

Yes, with a little simple glue.

This is best done if you can identify which company the user belongs to
based on his login name. And you MUST NOT have overlapping login names
where the same login name is used by both companies.

The following example glue in perl sends all logins beginning with a-f
to one LDAP server, the rest to another. Completely untested, but should
give you an idea.

#!/usr/bin/perl
$|=1;
open(LOGIN1,"|/usr/local/squid/libexec/squid_ldap_auth -b dc=example,dc=com -R -f uid=%s XX.XX.XX.XX");
open(LOGIN2,"|/usr/local/squid/libexec/squid_ldap_auth -b dc=example,dc=net -R -f uid=%s YY.YY.YY.YY");
while(<>) {
  if (/^[a-f]/) {
    print LOGIN1 $_;
  } else if {
    print LOGIN2 $_;
  }
}
Received on Wed May 12 2010 - 20:14:57 MDT

This archive was generated by hypermail 2.2.0 : Thu May 13 2010 - 12:00:05 MDT