[SQU] group_ldap_auth Problem

From: Lumpp, Wolfgang <[email protected]>
Date: Tue, 5 Sep 2000 13:33:26 +0200

Hi all,

with group_ldap_auth I have problems to auth. some test users.
I get the authentication window in the browser, but access is denied all the
time. If someone could help????

Thanks a lot
Wolfgang

Here the dependent logs or configs:

squid.conf:

acl all src 0.0.0.0/32
acl ldap ldap_auth yyy zzz
acl ldap src 1.9.0.0/16
http_access deny !ldap all

#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/slapd.at.conf
include /etc/openldap/slapd.oc.conf
schemacheck off
pidfile /var/slapd.pid
argsfile /var/slapd.args
loglevel 20
database ldbm
suffix "dc=msc-ge,dc=com"
directory /var/openldap
rootdn "uid=admin,dc=msc-ge,dc=com"
rootpw secret
index cn,sn pres,eq,approx,sub
index objectclass pres,eq
index default none
defaultaccess read
access to *
    by self write
    by dn="uid=admin,dc=msc-ge,dc=com" write
    by * read

LDIF-FILE:

dn: dc=msc-ge, dc=com
objectclass: organization
objectclass: top
o: MSC Vertriebs GmbH
l: Stutensee
postalcode: 76297
streetadress: Industriestrasse 16

dn: uid=admin, dc=msc-ge,dc=com
objectclass: person
objectclass: organizationalperson
objectclass: inetorgperson
cn: admin
cn: Systemverwalter
cn: Wolfgang Lumpp
sn: Lumpp
uid: admin
mail: wol@msc-ge.com
l: Stutensee
postalcode: 76297
streetadress: Industriestrasse 16
telephonenumber: 07249-910 150
facsimiletelephonenumber: 07249-4232

dn: ou=People, dc=msc-ge,dc=com
ou: Personen
objectclass: organizationalunit
description: Mitarbeiter MSC und Gleichmann

dn: uid=zzz, ou=People,dc=msc-ge,dc=com
sn: Testzzz
mail: zzz@msc-ge.com
objectclass: top
objectclass: person
objectclass: organizationalperson
uid: zzz
cn: z Testperson
password: {crypt}nC8Rxat8DB6SM

dn: uid=yyy, ou=People,dc=msc-ge,dc=com
sn: Testperson
mail: yyy@msc-ge.com
objectclass: top
objectclass: person
objectclass: organizationalPerson
uid: yyy
cn: y Testperson
password: {crypt}LBi.4Na28A9r6

dn: ou=test,dc=msc-ge,dc=com
objectclass: organizationalunit
objectclass: groupofnames
description: testgruppe
uniquemember: uid=zzz,ou=people,dc=msc-ge,dc=com
uniquemember: uid=yyy,ou=people,dc=msc-ge,dc=com

LOG-File:

Sep 5 11:52:20 MSC-FAX01 slapd[12204]: SRCH "DC=MSC-GE,DC=COM" 2 3
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: 0 0 0
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: filter: (uid=ZZZ)
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: attrs:
Sep 5 11:52:20 MSC-FAX01 slapd[12204]:
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => ldbm_back_search
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: entry_rdwr_rtrylock: ID: 1
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: entry_rdwr_runlock: ID: 1
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: entry_rdwr_rtrylock: ID: 1
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: entry_rdwr_runlock: ID: 1
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: entry_rdwr_runlock: ID: 1
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: entry_rdwr_rtrylock: ID: 1
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: entry_rdwr_runlock: ID: 1
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: entry_rdwr_rtrylock: ID: 1
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: edn DC=MSC-GE,DC=COM
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: [1] check attr uid
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: entry_rdwr_runlock: ID: 1
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: entry_rdwr_rtrylock: ID: 2
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: edn
UID=ADMIN,DC=MSC-GE,DC=COM
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: [1] check attr uid
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: entry_rdwr_runlock: ID: 3
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: entry_rdwr_rtrylock: ID: 4
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: edn
UID=ZZZ,OU=PEOPLE,DC=MSC-GE,DC=COM
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: [1] check attr uid
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: edn
UID=ZZZ,OU=PEOPLE,DC=MSC-GE,DC=COM
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: [1] check attr entry
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: edn
UID=ZZZ,OU=PEOPLE,DC=MSC-GE,DC=COM
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: [1] check attr sn
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: edn
UID=ZZZ,OU=PEOPLE,DC=MSC-GE,DC=COM
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: [1] check attr mail
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: edn
UID=ZZZ,OU=PEOPLE,DC=MSC-GE,DC=COM
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: [1] check attr
objectclass
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: edn
UID=ZZZ,OU=PEOPLE,DC=MSC-GE,DC=COM
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: [1] check attr uid
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: edn
UID=ZZZ,OU=PEOPLE,DC=MSC-GE,DC=COM
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: [1] check attr cn
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: edn
UID=ZZZ,OU=PEOPLE,DC=MSC-GE,DC=COM
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: [1] check attr password
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: entry_rdwr_runlock: ID: 4
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: entry_rdwr_rtrylock: ID: 5
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: edn
UID=YYY,OU=PEOPLE,DC=MSC-GE,DC=COM
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: [1] check attr uid
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: entry_rdwr_runlock: ID: 5
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: entry_rdwr_rtrylock: ID: 6
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: edn
OU=TEST,DC=MSC-GE,DC=COM
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: => acl_get: [1] check attr uid
Sep 5 11:52:20 MSC-FAX01 slapd[12204]: entry_rdwr_runlock: ID: 6
Sep 5 11:52:20 MSC-FAX01 slapd[12205]: ==> ldbm_back_bind: dn:
UID=ZZZ,OU=PEOPLE,DC=MSC-GE,DC=COM
Sep 5 11:52:20 MSC-FAX01 slapd[12205]: entry_rdwr_rtrylock: ID: 4
Sep 5 11:52:20 MSC-FAX01 slapd[12205]: entry_rdwr_runlock: ID: 4

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
Received on Tue Sep 05 2000 - 05:37:18 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:55:12 MST