Hello, I am trying to get squid authenticate with openldap. I have googled, searched the mail archives and read the mans but it is still not working. My slapd.conf: include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/corba.schema include /etc/openldap/schema/misc.schema include /etc/openldap/schema/openldap.schema include /etc/openldap/schema/dyngroup.schema include /etc/openldap/schema/java.schema include /etc/openldap/schema/redhat/autofs.schema allow bind_v2 pidfile /var/run/slapd.pid argsfile /var/run/slapd.args database bdb suffix "dc=muratisik,dc=homelinux,dc=org" rootdn "cn=Manager,dc=muratisik,dc=homelinux,dc=org" rootpw ortak_nokta directory /var/lib/ldap index objectClass eq,pres index ou,cn,mail,surname,givenname eq,pres,sub index uidNumber,gidNumber,loginShell eq,pres index uid,memberUid eq,pres,sub index nisMapName,nisMapEntry eq,pres,sub my openldap ldif: version: 1 # LDIF Export for: dc=muratisik,dc=homelinux,dc=org # Generated by phpLDAPadmin ( http://phpldapadmin.sourceforge.net/ ) on June 3, 2005 4:05 pm # Server: My LDAP Server (127.0.0.1) # Search Scope: sub # Search Filter: (objectClass=*) # Total Entries: 6 # Entry 1: dc=muratisik,dc=homelinux,dc=org dn: dc=muratisik,dc=homelinux,dc=org dc: muratisik o: muratisik.homelinux.org objectClass: dcObject objectClass: organization objectClass: top # Entry 2: cn=Manager,dc=muratisik,dc=homelinux,dc=org dn: cn=Manager,dc=muratisik,dc=homelinux,dc=org cn: Manager objectClass: organizationalRole objectClass: top # Entry 3: ou=squid,dc=muratisik,dc=homelinux,dc=org dn: ou=squid,dc=muratisik,dc=homelinux,dc=org ou: squid objectClass: top objectClass: organizationalUnit # Entry 4: uid=murat,ou=squid,dc=muratisik,dc=homelinux,dc=org dn: uid=murat,ou=squid,dc=muratisik,dc=homelinux,dc=org uid: murat givenName: Murat sn: Isik cn: muratisik userPassword: secret loginShell: /bin/bash uidNumber: 504 gidNumber: 504 homeDirectory: /home/murat shadowMin: -1 shadowMax: 999999 shadowWarning: 7 shadowInactive: -1 shadowExpire: -1 shadowFlag: 0 objectClass: top objectClass: person objectClass: posixAccount objectClass: shadowAccount objectClass: inetOrgPerson # Entry 5: uid=tester,ou=squid,dc=muratisik,dc=homelinux,dc=org dn: uid=tester,ou=squid,dc=muratisik,dc=homelinux,dc=org uid: tester givenName: tester sn: tester cn: tester userPassword: tester loginShell: /bin/bash uidNumber: 505 gidNumber: 505 homeDirectory: /home/tester shadowMin: -1 shadowMax: 999999 shadowWarning: 7 shadowInactive: -1 shadowExpire: -1 shadowFlag: 0 objectClass: top objectClass: person objectClass: posixAccount objectClass: shadowAccount objectClass: inetOrgPerson # Entry 6: cn=squid_allowed,ou=squid,dc=muratisik,dc=homelinux,dc=org dn: cn=squid_allowed,ou=squid,dc=muratisik,dc=homelinux,dc=org cn: squid_allowed member: uid=tester,ou=squid,dc=muratisik,dc=homelinux,dc=org objectClass: groupOfNames objectClass: top my squid.conf: auth_param basic program /usr/lib/squid/squid_ldap_auth -b ou=squid,dc=muratisik,dc=homelinux,dc=org -f (&(uid=%s)(objectClass=inetOrgPerson)) -h 127.0.0.1 external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group -b ou=squid,dc=muratisik,dc=homelinux,dc=org -B ou=squid,dc=muratisik,dc=homelinux,dc=org -F (uid=%s) -f (&(cn=%g)(member=%u)(objectClass=groupOfNames)) -h 127.0.0.1 acl AUTENTIC proxy_auth REQUIRED acl INTERNET external ldap_group squid_allowed http_access allow INTERNET http_access allow AUTENTIC INTERNET When I enter the username and password (tester/tester) when the browser pops up the squid auth box, I get "Cache Access Denied." Thanks in advance. Have a nice day Murat Isik
