Hi Everyone,
Hope you can help. I'm trying to set up LDAP authentication based on group membership on a Linux Server running squid 10 stable 11.
I've read from the archives that it is a two stage process, and presently the group membership from the bash prompt is giving me a bit of a headache.
I'm testing all my LDAP queries first on LDAPBrowser (to simplify things a little!).
My basic authenticator works fine, in the form
/usr/lib/squid/squid_ldap_auth -b "ou=Users,dc=my,dc=domain"
myname mypassword
OK
I have noticed that my LDAP group doesn't have a 'member' attribute, but it does have 'memberUid'. On my LDAPBrowser I can query like this with the desired group as the result:
(&(objectclass=posixGroup)(cn=mygroup)(memberUid=myname))
If I put someone elses name in who isn't a member of mygroup then nothing is returned. However, creating the following command string gives me errors!
/usr/lib/squid/squid_ldap_group -b "ou=Groups,dc=my,dc=domain" -f "(&(objectclass=posixGroup)(cn=%a)(memberUid=%v))" -B "ou=Users,dc=my,dc=domain" -F "uid=%s"
myname mygroup
ERR
Any ideas?
Thanks for reading so patiently!
John
_______________________________________________
Join Excite! - http://www.excite.com
The most personalized portal on the Web!
Received on Fri Oct 21 2005 - 08:31:07 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Nov 01 2005 - 12:00:05 MST