Hi,
is it possible to use ntlm_auth just to authenticate users, and ldap_group
to control access by group membership?
I�m trying this configuration:
#ntlm_auth configuration
auth_param ntlm program /usr/local/squid/libexec/ntlm_auth
extranet/servername
# ldap_group configuration
external_acl_type ldap_group %LOGIN
/usr/local/squid/libexec/squid_ldap_group -h servername -b
"dc=extranet,dc=lab" -f "(&(cn=%g)(member=%u))" -F "sAMAccountName=%s" -D
"cn=ldapread,cn=Users,dc=extranet,dc=lab" -w "password" -d 1
# access control
acl test proxy_auth REQUIRED
acl testldap external ldap_group Administrators
http_access allow testldap
http_access deny all
But I receive the following error in cache.log:
user filter sAMAccountName=extranet\5cadministrator
squid_ldap_group WARNING, User 'sAMAccountName=extranet\5cadministrator' not
found
It looks like ntlm_auth passes "extranet\administrator" to ldap_group, but
it is changed to "extranet\5cadministrator".
Where did this "5c" come from?
Thanks,
Oswaldo
Received on Thu Sep 04 2003 - 13:51:01 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:19:32 MST