[squid-users] Help squid_ldap_group W32

From: <[email protected]>
Date: 2 Nov 2004 11:36:06 -0000

Hi all,

I'm trying to working with squid into a windows 2K server, and I've users into a ldap three. My scope is to have two groups: internetOK has access to internet e internetNO hasn't.

In my squid.conf I've:

auth_param basic program /Squid/libexec/squid_ldap_auth.exe -u cn -b ou=utenti,dc=bdcnet,dc=it -D cn=superadmin,cn=users,dc=bdcnet,dc=it -w pass -d -v 3 -h 192.168.1.1:389
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

external_acl_type ldap_group %LOGIN /Squid/libexec/squid_ldap_group.exe -u CN -b "OU=utenti,DC=bdcnet,DC=it" -d -f "(&(CN=%u)(objectClass=person)((memberOf=cn=internetOKnavigare,OU=utenti,DC=bdcnet,DC=it)))" -h 192.168.1.1:389

acl internetgroup external ldap_group internetOK
acl NOinternet external ldap_group internetNO
acl autenticati proxy_auth REQUIRED

http_access deny autenticati NOinternet
http_access allow autenticati internetgroup
http_access deny all

The basic authentication work for me good, but the authorization membership doesn't work.

For the external_acl_type I try different ldap search strings, but none seems to work:

for example:

external_acl_type ldap_group squid_ldap_group.exe -u "CN" -b "OU=utenti,DC=bdcnet,DC=it" -d -D cn=superadmin,cn=users,dc=bdcnet,dc=it -w pass -f (&(cn=%u)(|(memberOf=cn=internetOK,OU=utenti,DC=bdcnet,DC=it)(memberOf=cn=internetNO,OU=utenti,DC=bdcnet,DC=it)))
-h 192.168.1.1:389 -D cn=superadmin,cn=users,dc=bdcnet,dc=it -w pass

What are right parameters for " -f" option in squid_ldap_group?

Thanks in advance, and Best Regards

Samantha & Raffaele

-------------------------------------------------------------------------
NUOVA WEBMAIL DI INTERFREE!

Da oggi Interfree offre a tutti i suoi utenti un nuovissimo servizio
di WebMail tra i pi� evoluti e una qualit� professionale che si rinnova
di continuo:

- Controllo antivirus
- Filtro antispamming
- Configurazione di account esterni
- Accesso gratuito a InterDrive dove salvare e organizzare i tuoi
        file da qualsiasi computer e in qualsiasi momento ...

Iscriviti gratuitamente all'indirizzo http://www.interfree.it e prova il
nuovo servizio!

Lo Staff di Interfree
-------------------------------------------------------------------------
Received on Tue Nov 02 2004 - 04:36:12 MST

This archive was generated by hypermail pre-2.1.9 : Wed Dec 01 2004 - 12:00:01 MST