[squid-users] Re: Cannot get basic_ldap_auth to work with AD

Hi Peter,

Thx for the replies! Your names sounds familiar, were you on the Squid
project like 18 yrs ago? My first Squid project was back then when I used it
to develop a load balancer and I wonder if we corresponded back then?

Anyway here is the results of the four commands you asked me to issue:

1)

/u01/local/squid-3.3.10/helpers/basic_auth/LDAP/basic_ldap_auth -P -R -u cn
-b "cn=Users,dc=mydomain,dc=com" -h 'ldap.mydomain.com'
brig {my passwd}
ERR Invalid credentials

2)

/u01/local/squid-3.3.10/helpers/basic_auth/LDAP/basic_ldap_auth -d -b
'dc=mydomain,dc=com' -f 'sAMAccountName=%s' -D
'cn=squidauth,ou=Users,dc=mydomain,dc=com' -w 'squidauth passwd' -t 3 -H
'ldap://ldap.mydomain.com'
brig {my passwd}
basic_ldap_auth: WARNING, could not bind to binddn 'Invalid credentials'
ERR Success

3)

ldapsearch -LLL -H ldap://ldap.mydomain.com -x -D
'CN=squidauth,OU=Users,OU=IT,
DC=mydomain,DC=com' -w 'squidauth passwd' -b 'DC=mydomain,DC=com'
'(sAMAccountNa
me=brig)' dn

dn: CN=Brig,OU=Users,OU=IT,DC=mydomain,DC=com

# refldap://ForestDnsZones.mydomain.com/DC=ForestDnsZones,DC=mydomain,DC=com

# refldap://DomainDnsZones.mydomain.com/DC=DomainDnsZones,DC=mydomain,DC=com

# refldap://mydomain.com/CN=Configuration,DC=mydomain,DC=com

4)

ldapsearch -LLL -H ldap://ldap.mydomain.com -x -D
'CN=Brig,OU=Users,OU=IT,DC=mydomain,DC=com' -w 'my passwd' -b
'DC=mydomain,DC=com' '(sAMAccountName=brig)' dn

dn: CN=Brig,OU=Users,OU=IT,DC=mydomain,DC=com

# refldap://ForestDnsZones.mydomain.com/DC=ForestDnsZones,DC=mydomain,DC=com

# refldap://DomainDnsZones.mydomain.com/DC=DomainDnsZones,DC=mydomain,DC=com

# refldap://mydomain.com/CN=Configuration,DC=mydomain,DC=com

While doing this I spent an hour on the AD server too looking for any kind
of errors or anything and found NOTHING! This reminded me how much I hate
working with M$ technology cuz somehow I feel if I was using OpenLdap I get
the feeling I would see some kind of logging events that could help me
figure this out . . .

Thx again for you help!

Brig

--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Cannot-get-basic-ldap-auth-to-work-with-AD-tp4663282p4663399.html
Sent from the Squid - Users mailing list archive at Nabble.com.