Search squid archive

LDAP Group not working on Squid 2.6

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I started looking 'ignore-no-cache' feature and found that it has been
implemented in Squid-2.6. I have tried to migrate current Squid-2.5STABLE14
to Squid-2.6, but I found a problem with LDAP Group identification.

The squid_ldap_group is working fine on Squid-2.5, but not on
Squid-2.6. The external_acl_type
is configured as:

external_acl_type ldap-group concurrency=6 %LOGIN /opt/oss/squid/libexec/squid
_ldap_group -b t=COMPANY -f
(&(objectClass=person)(groupMembership=%a)(cn=%v)) -D
cn=ldap-auth,o=system -w password  -s sub -P -S ldap-1

I put '-d' into squid_ldap_group for more verbose, from cache.log file:

Squid-2.5
Connected OK
group filter '(&(objectClass=person)(groupMembership=cn=internet-access,ou=groups,o=qogr)(cn=bob))',
searchbase 't=COMPANY'

Squid-2.6
Connected OK
group filter '(&(objectClass=person)(groupMembership=company\5cbob)(cn=0))',
searchbase 't=COMPANY'
squid_ldap_group WARNING, LDAP search error 'Invalid DN syntax'

From the  cache.log files, it can be noticed there is some problem
with 'groupMembership' and 'cn'.

I tried to run ldapsearch and it works fine

./ldapsearch -L -h ldap-1 -b "t=COMPANY" -s sub -D
"cn=ldap-auth,o=system" -w password
"(&(objectClass=person)(groupMembership=cn=internet-access,ou=groups,o=system)(cn=bob))"

I tried to run ldapsearch and it works fine.

Is there anything I should change in squid_ldap_group arguments?

Thanks.

VinylBNE

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux