[squid-users] Ldap and Active directory

From: kevin stuttard <[email protected]>
Date: Tue, 1 Apr 2003 20:47:14 +0200 (CEST)

Hi. I have been muddling my way through setting up
squid_ldap_auth for about a week now and I just seem
to be going around in circles with this one. I set up
Squid2.5 stable 1 and I have it up and running a
treat. No problems etc. I installed the
squid_ldap_auth by running make install as suggested
elsewhere in this mailing list and read the
documentation in the helper direcory of the source as
suggested by Henrik. I have placed a couple of lines
in my squid.conf as follows

auth_param basic program
/usr/local/squid/libexec/squid_ldap_auth
/usr/local/squid/libexec/ldap_auth.conf

acl password proxy_auth REQUIRED
http_access allow password

I have tried running squid_ldap_auth from the command
line with all sorts of options such as squid_ldap_auth
-b ou=All
Users,dc=mansfield13104,dc=lancsngfl,dc=ac,dc=uk
pluto:389

I have tried all sorts of permutations as per the
documentation and all I get when I type a username and
password pair is ERR.(I have also tried it with the -h
option).

I know the AD details which are as follows :-
The domain controller is Pluto

DC=mansfield13104,DC=lancsngfl,DC=ac,DC=uk
OU=All
Users,DC=mansfield13104,DC=lancsngfl,DC=ac,DC=uk
CN=Builtin,DC=mansfield13104,DC=lancsngfl,DC=ac,DC=uk
CN=Computers,DC=mansfield13104,DC=lancsngfl,DC=ac,DC=uk
OU=Domain
Controllers,DC=mansfield13104,DC=lancsngfl,DC=ac,DC=uk
CN=ForeignSecurityPrincipals,DC=mansfield13104,DC=lancsngfl,DC=ac,DC=uk
CN=Infrastructure,DC=mansfield13104,DC=lancsngfl,DC=ac,DC=uk
CN=LostAndFound,DC=mansfield13104,DC=lancsngfl,DC=ac,DC=uk
OU=Nointernet,DC=mansfield13104,DC=lancsngfl,DC=ac,DC=uk
OU=Staff,DC=mansfield13104,DC=lancsngfl,DC=ac,DC=uk
CN=System,DC=mansfield13104,DC=lancsngfl,DC=ac,DC=uk
CN=Users,DC=mansfield13104,DC=lancsngfl,DC=ac,DC=uk
CN=Configuration,DC=mansfield13104,DC=lancsngfl,DC=ac,DC=uk

Any ideas anyone please as I'm going mad with this
one? What format should my ldap_auth.conf file take?
What permissions etc should be on it?

=====
Kevin Stuttard
Head Of ICT Support
Mansfield High School
Brierfield
Nelson
BB95RX
Visit our web site -- http://www.mansfieldhighschool.uklinux.net

___________________________________________________
Yahoo! Messenger - Nueva versi�n GRATIS
Super Webcam, voz, caritas animadas, y m�s...
http://messenger.yahoo.es
Received on Tue Apr 01 2003 - 11:47:18 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:35 MST