Hi Eugene,
yes, that's true, but this only works together the program
squid_kerb_auth. So this require my computer inside a domain. I need
that it works with a popup to type username and password.
I tried:
- to use squid_kerb_auth with the parameter "auth_param basic program"
(DOESN'T WORK)
- to use squid_ldap_auth to autenticate and squid_kerb_ldap to search.
It authenticates but doesn't search. (DOESN'T WORK)
- to use "auth_param negotiate program squid_kerb_auth" with
"squid_kerb_ldap" to search, with my computer inside a domain. (IT
WORKS!) But without username/password popup.
Is there some way to join "Authentication via Popup" + "Recursive Query"?
Thanks Guys.
On Fri, Aug 10, 2012 at 12:57 AM, Eugene M. Zheganin <eugene_at_zhegan.in> wrote:
> Hi.
>
>
> On 10.08.2012 01:10, Rickifer Barros wrote:
>>
>> Hi squid users,
>>
>> I have a question about the helper squid_ldap_group whose don't find
>> in the internet. I'm testing it and I noticed that it don't recognize
>> groups inside group, but only read users inside group.
>>
>> The command I'm using is like this: external_acl_type AD_GROUP %LOGIN
>> /usr/lib/squid3/squid_ldap_group -R -P -b "dc=domain,dc=yyy" -D
>> "cn=user,dc=domain,dc=yyy" -w "password" -f
>>
>> "(&(objectclass=person)(sAMAccountName=%v)(memberof=cn="%a",ou="example",dc=domain,dc=yyy))"
>> -h yyy.yyy.yyy.yyy
>>
>> Is there a way to squid_ldap_group to read the groups into the other
>> group?
>>
>>
> Afaik, the only way to let the squid know about nested groups is to use a
> squid_kerb_ldap instead of the squid_ldap_group.
>
> Eugene.
Received on Fri Aug 10 2012 - 11:55:52 MDT
This archive was generated by hypermail 2.2.0 : Fri Aug 10 2012 - 12:00:02 MDT