This must be getting real old... it's still not working. I have now
turned on full external ACL debugging and it produces output like the
below:
2005/02/26 14:10:30| aclMatchExternal: ldap_group user not authenticated (-1)
2005/02/26 14:10:31| aclMatchExternal: acl="ldap_group"
2005/02/26 14:10:31| aclMatchExternal: ldap_group user not authenticated (-1)
2005/02/26 14:10:31| aclMatchExternal: acl="ldap_group"
2005/02/26 14:10:31| aclMatchExternal: ldap_group user not authenticated (-1)
2005/02/26 14:10:31| aclMatchExternal: acl="ldap_group"
2005/02/26 14:10:31| aclMatchExternal: ldap_group user not authenticated (-1)
2005/02/26 14:10:31| aclMatchExternal: acl="ldap_group"
2005/02/26 14:10:31| aclMatchExternal: ldap_group("epa\\aderooy
gOpenProxy") = lookup needed
2005/02/26 14:10:31| externalAclLookup: lookup in 'ldap_group' for
'epa\\aderooy gOpenProxy'
2005/02/26 14:10:31| external_acl_cache_add: Adding 'epa\\aderooy
gOpenProxy' =-1 squid_ldap_group WARNING, User 'epa\aderooy' not found
in 'DC=estateprop,DC=com, DC=au,DC=local'
2005/02/26 14:10:31| externalAclHandleReply: reply="ERR"
2005/02/26 14:10:31| external_acl_cache_add: Adding 'epa\\aderooy gOpenProxy' =0
2005/02/26 14:10:31| external_acl_cache_add: updating existing entry
2005/02/26 14:10:31| aclMatchExternal: acl="ldap_group"
2005/02/26 14:10:31| aclMatchExternal: ldap_group = 0
The problem is, this only happens in Squid. I have tried the EXACT
external ACL command line for squid_ldap_group many many times on the
command line and it works perfectly. I use it with domain\\username
and it works fine (with the -S parameter). But for some reason when
called from Squid it is failing...
It really makes no sense. This is plain 2.5STABLE7.
Regards,
Oliver
