On Tue, 17 Jan 2006, Meyerovich Aleksandr EB_NY wrote:
What would be the right openldap version for the following combination: RedHat 8.0 (2.4.18-14) and Squid 2.5.STABLE4-20031110. When compiling Squid with enable ....ldap.... options how to specify an alternate openldap location.
Doesn't the openldap shipped with RedHat 8 work?
Do squid_ldap_auth and squid_ldap_group support Kerberos bind?
No. But it supports TLS encryption if your LDAP Library (OpenLDAP) has TLS support and a certificate is installed on the LDAP server.
How to make Kreberos bind?
You have to modify the code.
Ldapsearch with this parameters returns what I need: ./ldapsearch -b "dc=my,dc=domain" -D "user@xxxxxxxxx" -w "password" "sAMAccountName=SomeGroupName" -h server. Squid_ldap_auth with the same options/filters returns ERR.
The above is probably not doing a kerberos bind but a simple bind just like squid_ldap_auth..
Is there an error message given by squid_ldap_auth? Try using the -d flag to squid_ldap_auth increasing the logging slightly..
Regards Henrik
