Search squid archive

Re: Re: squid_ldap_auth and Windows 2003 AD

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Yes, I have. The searches are being performed by an authenticated user.

Thanks,
Colin


                                                                           
             Adam Aube                                                     
             <aaube01@xxxxxxxx                                             
             u>                                                         To 
             Sent by: news             squid-users@xxxxxxxxxxxxxxx         
             <news@xxxxxxxxxxx                                          cc 
             rg>                                                           
                                                                   Subject 
                                         Re: squid_ldap_auth  
             11/10/2005 08:51          and Windows 2003 AD                 
             AM                                                            
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           




Colin Farley wrote:

> We have a few production squid proxy servers running various STABLE
> versions of squid 2.5 and are encountering some issues as we upgrade our
> Domain controllers from windows 2000 to windows 2003.  The proxy servers
> query the LDAP directory for user access control.

> Ideally, we would like all proxy servers to use a base dn that allows
them
> to search the entire domain ("dn=domain,dn=lan"), when querying Windows
> 2000 domain controllers this works perfectly.  However, when we point
> these proxy servers to Windows 2003 domain controllers for LDAP queries
> squid_ldap_auth fails.

> I have found that if I specify an ou for the base dn it works fine
> ("ou=site1,dn=domain,dn=lan").  So, it seems that Windows 2003 domain
> controllers have added security that stops searches beginning from the
> base of the domain and searches must start within an ou.

Have you configured squid_ldap_auth to bind using a user account?

Adam



[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux