Hello Henrik, You was right - host name must follow after all options. I didn't know this. Now all looks working. Thanks for help. ;) Tuesday, May 1, 2007, 6:32:44 PM, you wrote: > tis 2007-05-01 klockan 14:09 +0300 skrev Sergey A. Kobzar: >> external_acl_type ldap_group %LOGIN /usr/local/libexec/squid/squid_ldap_group \ >> -b "ou=Groups,dc=home" -f "(&(memberUid=%u)(cn=%g))" -v 3 localhost \ >> -D "cn=Guest,ou=DSA,dc=home" -w xxx > All options need to go before the host name, or the'll get misread as > hostnames.. >> May 1 14:00:28 pixel slapd[744]: conn=256 fd=21 ACCEPT from IP=127.0.0.1:50849 (IP=127.0.0.1:389) >> May 1 14:00:28 pixel slapd[744]: conn=256 op=0 SRCH base="ou=Groups,dc=home" scope=2 deref=0 filter="(&(memberUid=sak)(cn=squid-unlim))" > This search was anonymous. Probably because of the above. >> May 1 14:00:28 pixel slapd[744]: conn=256 op=0 SRCH attr=1.1 >> May 1 14:00:28 pixel slapd[744]: conn=256 op=0 SEARCH RESULT tag=101 err=0 nentries=0 text= > And no results was returned by your LDAP.. > Regards > Henrik -- Best regards, Sergey mailto:ksa@xxxxxxxx
