Hi to everyone !!
I've installed squid for windows ver.2.7 on a VBox virtual machine Windows
-7- 64 bit – in orer to test integration with Win2003 AD but I’ve an issue
with external ACL helpers for testing group/user in Active directory.
Userstd = user that match AD Group UserIE
UserIE = AD Group created for gain internet access for all users that are
member of this group.
This line below in squid.conf return me the value ERR so I can’t gain access
to users (%u) who join the right AD Group (%g).
external_acl_type gruppo_ldap %LOGIN c:/squid/libexec/squid_ldap_group.exe
-v 3 -b "dc=nomedominio,dc=local" -D
"CN=nomeutente,OU=OUUtente,OU=OUPadre,dc=nomedominio,dc=local" -w pwdutente
-f "(&(objectclass=person)(sAMAccountName=%u)
(memberof=cn=%g,OU=OUPadre,dc=nomedominio,dc=local))" -h ip-ldap-server:389
cache.log debug option :
2013/11/11 15:44:07| aclMatchExternal: acl="gruppo_ldap"
2013/11/11 15:44:07| aclMatchExternal: gruppo_ldap("userstd userIE") =
lookup needed
2013/11/11 15:44:07| externalAclLookup: lookup in 'gruppo_ldap' for 'userstd
userIE'
2013/11/11 15:44:12| externalAclHandleReply: reply="ERR"
2013/11/11 15:44:12| external_acl_cache_add: Adding 'userstd userIE' = 0
2013/11/11 15:44:12| aclMatchExternal: acl="gruppo_ldap"
2013/11/11 15:44:12| aclMatchExternal: gruppo_ldap = 0
While the same command executed from command prompt :
c:/squid/libexec/squid_ldap_group.exe -v 3 -b "dc=nomedominio,dc=local" -D
"CN=nomeutente,OU=OUUtente,OU=OUPadre,dc=nomedominio,dc=local" -w pwdutente
-f "(&(objectclass=person)(sAMAccountName=%u)
(memberof=cn=%g,OU=OUPadre,dc=nomedominio,dc=local))" -h ip-ldap-server:389
return me OK.
I don’t understand why ?!?
Someone can help me ?
Thanks in advance.
-- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Issue-with-Squid-ldap-group-Windows-tp4663221.html Sent from the Squid - Users mailing list archive at Nabble.com.Received on Mon Nov 11 2013 - 15:19:26 MST
This archive was generated by hypermail 2.2.0 : Mon Nov 11 2013 - 12:00:04 MST