Thanks Sebastian, that gets around it.
Jeff
-- Jeff Richards Technical Consultant Unix Enterprise Services jeff.richards@centrelink.gov.au Tel: +61 2 6219 8125 "Arias, Sebastian Alejandro - (Ext To: "'jeff.richards@centrelink.gov.au'" <jeff.richards@centrelink.gov.au>, Arg)" 'Squid Users' <squid-users@squid-cache.org> <Sebastian.Arias@ cc: attla.com> Subject: RE: [squid-users] squid_ldap_auth problem 14/10/2003 10:03 |---------------------| | ( ) Urgent(4 hours) | | (*) Normal(24-48) | | ( ) Low(72 hours) | |---------------------| Expires on Try with a .sh file named auth_ldap with the following content: #!/bin/sh ./squid_ldap_auth -b "ou=xxxx,o=yyyy,c=zz" -u cn -s sub -D "cn=wwww,ou=xxxx,o=yyyy,c=zz," -w <password> -f "<filter here>" ldap_ip_address and then call the bash script in the squid.conf file ... don't forget to give permisses to squid to read and execute the script .... Good Luck. _________________________________________ Sebastián Arias Infraestructure & Technologies AT&T Latín América, Argentina Phone: [5411]5288-0524 - Fax: [5411]5288-0408 -----Mensaje original----- De: jeff.richards@centrelink.gov.au [mailto:jeff.richards@centrelink.gov.au] Enviado el: Martes, 14 de Octubre de 2003 04:19 a.m. Para: Squid Users Asunto: [squid-users] squid_ldap_auth problem Hi I'm trying to configure Squid 2.4.STABLE7, running on SuSE, to ldap authenticate against eDirectory. I have a working ldap query, which works just fine at the command line using squid_ldap_auth: ./squid_ldap_auth -b "ou=xxxx,o=yyyy,c=zz" -u cn -s sub -D "cn=wwww,ou=xxxx,o=yyyy,c=zz," -w <password> -f "<filter here>" ldap_ip_address This successfully connects to the server and validates or errors user name and password combinations correctly. In squid.conf, I have: acl all src 0.0.0.0/0.0.0.0 acl password proxy_auth REQUIRED http_access allow password http_access deny all PROBLEM: when I try to open a page and enter the user name and password at the prompt, I just get the following error in cache.log: squid_ldap_auth: WARNING, could not bind to binddn 'Invalid DN syntax' squid_ldap_auth: WARNING, could not bind to binddn 'Invalid DN syntax' and the prompt re-appears. But this DN is fine when run from the command line. I did notice that I get a TCP_DENIED message in access.log AS the prompt flashes up (i.e. BEFORE I've actually entered my details (not sure whether this is relevant or not)), as well as after. Any help appreciated. Regards Jeff -- Jeff Richards Technical Consultant Unix Enterprise Services jeff.richards@centrelink.gov.au Tel: +61 2 6219 8125 Important: This e-mail is intended for the use of the addressee and may contain information that is confidential, commercially valuable or subject to legal or parliamentary privilege. If you are not the intended recipient you are notified that any review, re-transmission, disclosure, use or dissemination of this communication is strictly prohibited by several Commonwealth Acts of Parliament. If you have received this communication in error please notify the sender immediately and delete all copies of this transmission together with any attachments. Este mensaje es confidencial. El mismo contiene información reservada y que no puede ser difundida. Si usted ha recibido este e-mail por error, por favor avísenos inmediatamente vía e-mail y tenga la amabilidad de eliminarlo de su sistema; no deberá copiar el mensaje ni divulgar su contenido a ninguna persona. Muchas gracias. This message is confidential. It contains information that is privileged and legally exempt from disclosure. If you have received this e-mail by mistake, please let us know immediately by e-mail and delete it from your system; you should also not copy the message nor disclose its contents to anyone. Thank You.Received on Tue Oct 14 2003 - 21:16:41 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:20:29 MST