Search squid archive

Re: squid ldap group authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



i probe these configs, but arent working.<br>
auth_param basic program /usr/lib/squid/ldap_auth -Z -b "ou=group,dc=mydomain,dc=com" -D cn=admin,dc=hu -w password
auth_param basic children 10
auth_param basic credentialsttl 1 hour
refresh_pattern ^ftp:		1440	20%	10080
refresh_pattern ^gopher:	1440	0%	1440
refresh_pattern .		0	20%	4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl SSL_ports port 873 acl Safe_ports port 80 acl Safe_ports port 21 acl Safe_ports port 443 563 acl Safe_ports port 70 acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl Safe_ports port 631
acl Safe_ports port 873
acl Safe_ports port 901
acl purge method PURGE
acl CONNECT method CONNECT
no_cache deny QUERY
external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group -b "ou=group,dc=mydomain,dc=com" -f (&amp;(objectclass=posixGroup) (cn=%a) (member=%v))" -B " "cn=internet,ou=group,dc=mydomain,dc=com" -F uid="%s" -D cn=admin,dc=com -w password
acl passwd proxy_auth REQUIRED
acl passwd_group external ldap_group internet
http_access allow manager localhost
http_access allow password
http_access allow passwd_group
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all
httpd_accel_single_host off
coredump_dir /var/spool/squid
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

The ldap:

com
|
mydomain
|	|
users   groups
|	  |
user1	internet



Mark Elsen írta:
On 12/5/05, CsY <csy@xxxxxxxxxx> wrote:
Hello

Can i help you?
I need set up the ldap group authentication, this rule do not working.
Any idea?

auth_param basic program /usr/lib/squid/ldap_auth -ZZ -b "ou=peoples,dc=mydomain,dc=com" ldap

external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group -ZZ
-b "cn=netgroup,ou=groups,dc=mydomain,dc=com" -f
"(&(objectclass=posixGroup)(cn=%a)(member=%v))" -B
"ou=peoples,dc=mydomain,dc=com" -F uid="%s" -w pass serveraddress:serverport

acl password proxy_auth REQUIRED
acl password_group external ldap_group internet


http_access allow password_group

thanks





 - Squid version ?
 - OS/platform/version ?

 M.

 _____________ NOD32 1.1311 (20051202) Információ _____________

Az üzenetet a NOD32 antivirus system megvizsgálta.
http://www.nod32.hu





[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux