Re: [squid-users] [Fwd: Regarding Ldap+Squid]

From: Sunil S <sunils@dont-contact.us>
Date: Thu, 26 May 2005 22:16:25 +0530

Helo Selvam,

1. I use auth param as below:

auth_param basic program /d2/sw/squid-3.0/libexec/squid_ldap_auth -u CN
-b CN=Users,DC=my,DC=company,DC=co,DC=in -h server_ip

2. There should be a netlogon share on your domain controller
(server_ip in the above case) with a file named "proxyauth" and that
file should contain just one word "allow" inside it.

This combination works for me. Replace what is relevant for you.

Regards

Sunil

>>> "Selvam E." <selvame@questresearch.com> 05/23/05 1:06 PM >>>
---------------------------- Original Message
----------------------------
Subject: [Fwd: Regarding Ldap+Squid]
From: "Selvam E." <selvame@questresearch.com>
Date: Mon, May 23, 2005 12:33 pm
To: squid-users@squid-cache.org
--------------------------------------------------------------------------

---------------------------- Original Message
----------------------------
Subject: Regarding Ldap+Squid
From: "Selvam E." <selvame@questresearch.com>
Date: Mon, May 23, 2005 12:21 pm
To: squid-users@squid-cache.org
Cc: "Henrik Nordstrom" <hno@squid-cache.org>
--------------------------------------------------------------------------

Hi,

I am configure squid.conf with following setting for ldap
authentication.

auth_param basic program /usr/lib/squid/squid_ldap_auth -b
"dc=quest,dc=com" -D 'cn=Manager,dc=quest,dc=com' -w z -h 192.168.1.1
#auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/password
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

acl mynet proxy_auth REQUIRED
acl badDomains dstdomain "/etc/squid/baddomains"
acl badIPs dst "/etc/squid/badips"

http_access allow localhost
deny_info ERR_BAD_DOMAIN badDomains
deny_info ERR_BAD_DOMAIN badIPs
http_access deny badDomains
http_access deny badIPs
#http_access allow mynet
#http_access deny all
http_access allow all

but iam unable to get authentication from LDAP.

Please help me.

Regards,

Selvam E.
Linux Administrator,
First Advantage Quest Research
Mumbai
Malad (W)
India

This e-mail message is only to be used by intended recipients and all others may kindly
delete it and notify the sender. Unless expressly authorized by HPCL, the views
expressed and the message itself is that of the individual sender and recipients are
cautioned to check messages/ attachments for any viruses before use. Users
acknowledge that messages may contain confidential, proprietary or privileged
information and that HPCL neither assures nor guarantees integrity or content of
messages.
Received on Thu May 26 2005 - 10:35:56 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Jun 01 2005 - 12:00:03 MDT