[squid-users] Re: squid active directory integration

Hi David,

I can see there is some differences..... my wbinfo_group.pl look as follows:

#
# Globals
#
use vars qw/ %opt /;

# Disable output buffering
$|=1;

sub debug {
        print STDERR "@_\n" if $opt{d};
}

#
# Check if a user belongs to a group
#
sub check {
        local($user, $group) = @_;

        my @DATA = split (/\@/, $user);
        $user = $DATA[0];

        if ($opt{K} && ($user =~ m/\@/)) {
                @tmpuser = split(/\@/, $user);
                $user = "$tmpuser[1]\\$tmpuser[0]";
        }
        $groupSID = `wbinfo -n "$group" | cut -d" " -f1`;
        chop $groupSID;
        $groupGID = `wbinfo -Y "$groupSID"`;
        chop $groupGID;
        &debug( "User: -$user-\nGroup: -$group-\nSID: -$groupSID-\nGID:
-$groupGID-");
        return 'ERR' if($groupGID eq ""); # Verify if groupGID variable is
empty.
        return 'ERR' if(`wbinfo -r \Q$user\E` eq ""); # Verify if "wbinfo
-r" command returns no value.
        return 'OK' if(`wbinfo -r \Q$user\E` =~ /^$groupGID$/m);
        return 'ERR';
}

#
# Command line options processing
#
sub init()
{
    use Getopt::Std;
    my $opt_string = 'hdK';
    getopts( "$opt_string", \%opt ) or usage();
    usage() if $opt{h};
}

#
# Message about this program and how to use it
#
sub usage()
{
        print "Usage: wbinfo_group.pl -dh\n";
        print "\t-d enable debugging\n";
        print "\t-h print the help\n";
        print "\t-K downgrade Kerberos credentials to NTLM.\n";
        exit;
}

init();
print STDERR "Debugging mode ON.\n" if $opt{d};

#
# Main loop
#
while (<STDIN>) {
        chop;
        &debug ("Got $_ from squid");
        ($user, @groups) = split(/\s+/);
        $user =~ s/%([0-9a-fA-F][0-9a-fA-F])/pack("c",hex($1))/eg;
        # test for each group squid send in it's request
        foreach $group (@groups) {
                $group =~ s/%([0-9a-fA-F][0-9a-fA-F])/pack("c",hex($1))/eg;
                # Add this line
                $group =~ s/%20/ /;
                $ans = &check($user, $group);
                last if $ans eq "OK";
        }
        &debug ("Sending $ans to squid");
        print "$ans\n";
}

Try the above codes and let me know how it works.

Best Regards
Sandeep

--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/squid-active-directory-integration-tp4661575p4662034.html
Sent from the Squid - Users mailing list archive at Nabble.com.