Re: [squid-users] Problems with squid_ldap_auth

From: Gonzalo Morera <gmorera_at_novell.com>
Date: Fri, 28 Jan 2011 13:14:23 +0000

 Thanks Amos

indeed, if i type username password on the blinking cursor , i've got an OK

Something else learned :-)

Gonzalo
 
>>> Amos Jeffries <squid3_at_treenet.co.nz> 28/1/2011 02:09 PM >>>
On 29/01/11 01:05, Gonzalo Morera wrote:
> Hi all
>
> running sles 11 with squid 2.7 stable5-2.4.1 trying to use squid_ldap_auth against edirectory 8.8 sp5 on os2sp2.
>
> I'm trying first from command line and not even the first step is working
>
> When i type at bash:
>
> /usr/sbin/squid_ldap_auth -Z -D cn=squid,o=test -w test -b o=test -s sub -f "(&(objectclass=User)(cn=%s))" -h 10.1.1..2 -p 389
>
> Nothing happen. Cursor keeps blinking. Pressing enter just drop one line but keeps blinking then i have to press control-c to stop it
>

You just described a working Squid helper. They sit and wait infinitely
long for input to arrive.

Type something before pressing enter and you should get the OK/ERR
response. Of course to get the OK you will need to type a correct
encoded line.
  What it is expecting is the encoded blob portion of an
Proxy-Authenticate: header. For Basic auth the blob is base-64 decoded
first. For other auth its unchanged.

Use -d for debug traces if that old version supports it.

> If i use squid_ldapauth after configure /etc/squid_ldapauth.conf with the same credentials as before, it works
> If i telnet from squid server to port ldap server port 389 por 636, it works
>
> I've tried different queries like dropping the -Z option but made no changes.
>
> so only squid_ldap_auth is not even sending a query. Nothing on var/log/messar or /var/log/squid/*.log files and tracing with tcpdump shows no info sent to the ldpa server.
>
> So what i'm doing wrong? :-)
>
> Thanks a lot for any help
>
> Gonzalo
>

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.10
   Beta testers wanted for 3.2.0.4
Received on Fri Jan 28 2011 - 13:14:32 MST

This archive was generated by hypermail 2.2.0 : Fri Jan 28 2011 - 12:00:04 MST