Hi List,
I've several problems with the squid ldap auth.
I use the following versions:
squid-2.5.STABLE1
openldap2-2.1.12
on SuSE 8.2 Pro (with all recent updates)
The ldap configuration works with samba and postfix.
For the squid_ldapauth I use the following configuration:
/etc/squid_ldapauth.conf
# if not set, following defaults will be used:
ldap-server : xxxx
ldap-port : 389 # 389
ldap-suffix : dc=bad,dc=de # constructed from `hostname -d`
ldap-filter : (uid=%s)
ldap-passwdfield: userPassword
ldap-binddn : cn=squid,dc=bad,dc=de # i.e. uid=squid,dc=domain,dc=top
ldap-password : xxxxxx # LDAP password for above binddn
#
squid.conf:
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
error_directory /usr/share/squid/errors/German
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hour
auth_param basic program /usr/sbin/squid_ldapauth
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
cache_mem 42
cache_dir ufs /var/spool/squid/cache/ 2000 16 256
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl all src xxxxxxxx/255.255.255.0
acl allowed_hosts src xxxxxxxxx/255.255.255.0
acl SSL_ports port 443 563
acl CONNECT method CONNECT
http_access deny manager all
http_access allow allowed_hosts
http_access deny all
icp_access allow allowed_hosts
icp_access deny all
miss_access allow allowed_hosts
miss_access deny all
cache_mgr root@aseidel.com
cache_effective_user squid nogroup
visible_hostname nfs-1.bad.de
coredump_dir /var/spool/squid/cache/squid
http_port xxxxx:3128
#https_port 192.168.1.1:3129
authenticate_program /usr/sbin/squid_ldapauth
When I type in this command:
squid_ldapauth -v -q -l
I get the following:
squid_ldapauth[3222]: config - found key: 'ldap-server'
squid_ldapauth[3222]: config - got value: 'xxxx'
squid_ldapauth[3222]: config - found key: 'ldap-port'
squid_ldapauth[3222]: config - got value: '389'
squid_ldapauth[3222]: config - found key: 'ldap-suffix'
squid_ldapauth[3222]: config - got value: 'dc=bad,dc=de'
squid_ldapauth[3222]: config - found key: 'ldap-filter'
squid_ldapauth[3222]: config - got value: '(uid=%s)'
squid_ldapauth[3222]: config - found key: 'ldap-passwdfield'
squid_ldapauth[3222]: config - got value: 'userPassword'
squid_ldapauth[3222]: config - found key: 'ldap-binddn'
squid_ldapauth[3222]: config - got value: 'xxxxx'
squid_ldapauth[3222]: config - found key: 'ldap-password'
squid_ldapauth[3222]: config - got value: 'xxxxx'
squid_ldapauth[3222]: using ldap-server => 'xxxx'
squid_ldapauth[3222]: using ldap-port => '389'
squid_ldapauth[3222]: using ldap-suffix => 'dc=bad,dc=de'
squid_ldapauth[3222]: using ldap-filter => '(uid=%s)'
squid_ldapauth[3222]: using ldap-passwdfield => 'userPassword'
squid_ldapauth[3222]: using ldap-binddn => 'xxxxxxx'
squid_ldapauth[3222]: using ldap-password => 'xxxxx'
squid_ldapauth[3222]: ldap_bind failed
My ldap says:
Jun 13 14:43:03 xxx slapd[3008]: conn=43 op=0 RESULT tag=97 err=2 text=requested protocol version not allowed
My questions now are:
Am I doing something wrong in the configuration?
Is there a way to specify the protocol version?
Regards
Arno
Received on Sun Jun 13 2004 - 06:47:25 MDT