Search squid archive

[squid-users] Problem with squid_ldap_auth and squid.conf

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I have a problem with the following configuration line:

authenticate_program /usr/lib/squid/squid_ldap_auth -u CN -b CN=Users,DC=xyz,DC=local -D CN=Administrator,CN=Users,DC=xyz,DC=local -w PASSWORD -s sub -f memberOf=CN=Internet,CN=Users,DC=xyz,DC=local IP-ADRESS

The strange thing is, that when I execute the following command on the command line

echo "USER PASSWORD" | /usr/lib/squid/squid_ldap_auth -u CN -b
CN=Users,DC=xyz,DC=local -D CN=Administrator,CN=Users,DC=xyz,DC=local -w PASSWORD -s sub -f memberOf=CN=Internet,CN=Users,DC=xyz,DC=local IP-ADRESS

I get an OK, but when I add it to the squid.conf then it doesn't work.
In the access.log then stands this:
Usage: squid_ldap_auth [options] ldap_server_name

        -b basedn (REQUIRED)    base dn under which to search
        -f filter               search filter to locate user DN
        -u userattr             username DN attribute
        -s base|one|sub         search scope
        -D binddn               DN to bind as to perform searches
        -w bindpasswd           password for binddn
        -p                      persistent LDAP connection
        -R                      do not follow referrals
        -a never|always|search|find
                                when to dereference aliases

If no search filter is specified, then the dn <userattr>=user,basedn
will be used (same as specifying a search filter of '<userattr>=',
but quicker as as there is no need to search for the user DN)

        If you need to bind as a user to perform searches then use the
        -D binddn -w bindpasswd options

This is the normal error message, which you get with invalid parameters.
But that the same command works on the command line tells me, that the command is correct.

When I use the following configuration line:

authenticate_program /usr/lib/squid/squid_ldap_auth -u CN -b CN=Users,DC=xyz,DC=local -D CN=Administrator,CN=Users,DC=xyz,DC=local -w PASSWORD IP-ADRESS

then it works also in the squid.conf.
So I think the parser of the squid.conf truncates the command after authenticate_program.

When I make a wrapper script with the long command line from above then it works also, but this is only a temporary solution for me.

Has someone had the same problem and does anyone know a real solution?

Regards
Matthias
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux