[squid-users] squid_ldap_group and Active Directory

From: fdfhf gjgjj <[email protected]>
Date: Wed, 03 Sep 2003 17:06:15 +0000

Hello,

I would like to authentify squid internet users with Active Directory and
Ldap. I have a squid configured with ldap_auth and ldap_group.

First, i have a simple question: It is possible with ldap_group to
authentify users from differents UO who belong to the same group.

(i'm using squid 2.5stable3 on a redhat 7.2)

I want to do this:

create a universal group internetaccess on my AD
then, add users from different UO ex: toto from /desktop/win2k , titi from
/laptop/xp/users/.... (toto and titi belongs to internetaccess group)

It is possible to do that? i have near 1000 users from differents uo :-/

I have set up my squid.conf like this:

auth_param basic program /usr/lib/squid/squid_ldap_auth -b
ou=Groups,ou=Permissions,dc=fra,dc=hager,dc=corp -h 10.33.24.11 -p 389
auth_param basic realm authenfies toi sinon bobo !

# auth AD
external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group -b
"ou=Groups,ou=Permissions,dc=fra,dc=bolton,dc=corp" -f
"(&(cn=%v)(member=uid=%d,*)(objectClass=groupOfNames))" -h 10.33.24.11 -p
389

acl all src 0/0
acl internetusers external ldap_group internetaccess
http_access allow internetusers
http_access deny all

when i'm connecting on my proxy, i have an authentication box..very good :-)
but the authentication doesn't work ..

Can you help to configure my squid.conf ?

my tree :

fra.bolton.corp
|
permissions
   |
  groups
      |
        internetaccess (group)

thank you very much for all !

fred

_________________________________________________________________
Trouvez l'�me soeur sur MSN Rencontres http://g.msn.fr/FR1000/9551
Received on Wed Sep 03 2003 - 11:06:21 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:19:31 MST