Forget the whole thing - should have double and triple checked everything first. I had one external_acl line in squid.conf and was just using an old (but correct) external_acl line on the command line from the bash history. Just one parameter makes all the difference!

On Tue, 1 Mar 2005 17:00:54 +1100, Oliver Hookins <ohookins@xxxxxxxxx> wrote:
> Sorry, just realised this message should really be titled
> squid_ldap_group since it has nothing to do with NTLM - those hurdles
> have been jumped fortunately.
>
> ---------- Forwarded message ----------
> From: Oliver Hookins <ohookins@xxxxxxxxx>
> Date: Tue, 1 Mar 2005 16:59:15 +1100
> Subject: Continued problems with NTLM
> To: squid-users@xxxxxxxxxxxxxxx
>
> This must be getting real old... it's still not working. I have now
> turned on full external ACL debugging and it produces output like the
> below:
>
> 2005/02/26 14:10:30| aclMatchExternal: ldap_group user not authenticated (-1)
> 2005/02/26 14:10:31| aclMatchExternal: acl="ldap_group"
> 2005/02/26 14:10:31| aclMatchExternal: ldap_group user not authenticated (-1)
> 2005/02/26 14:10:31| aclMatchExternal: acl="ldap_group"
> 2005/02/26 14:10:31| aclMatchExternal: ldap_group user not authenticated (-1)
> 2005/02/26 14:10:31| aclMatchExternal: acl="ldap_group"
> 2005/02/26 14:10:31| aclMatchExternal: ldap_group user not authenticated (-1)
> 2005/02/26 14:10:31| aclMatchExternal: acl="ldap_group"
> 2005/02/26 14:10:31| aclMatchExternal: ldap_group("epa\\aderooy
> gOpenProxy") = lookup needed
> 2005/02/26 14:10:31| externalAclLookup: lookup in 'ldap_group' for
> 'epa\\aderooy gOpenProxy'
> 2005/02/26 14:10:31| external_acl_cache_add: Adding 'epa\\aderooy
> gOpenProxy' =-1 squid_ldap_group WARNING, User 'epa\aderooy' not found
> in 'DC=estateprop,DC=com, DC=au,DC=local'
> 2005/02/26 14:10:31| externalAclHandleReply: reply="ERR"
> 2005/02/26 14:10:31| external_acl_cache_add: Adding 'epa\\aderooy gOpenProxy' =0
> 2005/02/26 14:10:31| external_acl_cache_add: updating existing entry
> 2005/02/26 14:10:31| aclMatchExternal: acl="ldap_group"
> 2005/02/26 14:10:31| aclMatchExternal: ldap_group = 0
>
> The problem is, this only happens in Squid. I have tried the EXACT
> external ACL command line for squid_ldap_group many many times on the
> command line and it works perfectly. I use it with domain\\username
> and it works fine (with the -S parameter). But for some reason when
> called from Squid it is failing...
>
> It really makes no sense. This is plain 2.5STABLE7.
>
> Regards,
> Oliver