Search squid archive

Squid3 Samba3 PDC Authentication via LDAP -- help

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello List,

I have a slight problem. I need to squid to authenticate against a samba PDC with an LDAP backend. I would like it to do the Authentication without the help of SAMBA and to get the password right out of the LDAP server and unhash.


Would this be the helper I am looking for (squid3):

Usage: digest_pw_auth(LDAP_backend) -b basedn -f filter [options] ldap_server_name

-A password attribute(REQUIRED) User attribute that contains the password -l password realm delimiter(REQUIRED) Charater(s) that devides the password attribute in realm and password tokens, default ':' realm:password -b basedn (REQUIRED) base dn under where to search for users -e Encrypted passwords(REQUIRED) Password are stored encrypted using HHA1 -F filter user search filter pattern. %s = login -u attribute attribute to use in combination with the basedn to create the user DN
       -s base|one|sub                         search scope
-D binddn DN to bind as to perform searches
       -w bindpasswd                           password for binddn
-W secretfile read password for binddn from file secretfile -H URI LDAPURI (defaults to ldap://localhost) -h server LDAP server (defaults to localhost) -p port LDAP server port (defaults to 389)
       -P                                      persistent LDAP connection
       -c timeout                              connect timeout
       -t timelimit                            search time limit
       -R                                      do not follow referrals
       -a never|always|search|find             when to dereference aliases
       -v 2|3                                  LDAP version
-Z TLS encrypt the LDAP connection, requires
                               LDAP version 3
-S Strip NT domain from usernames

       If you need to bind as a user to perform searches then use the
       -D binddn -w bindpasswd or -D binddn -W secretfile options


And could someone please provide me with an example of its usage.... as I am having no luck here testing it.

[root@xxxxx:/usr/lib/squid3] ./digest_ldap_auth -R -b "ou=People,dc=domain,dc=co,dc=za" -u "uid" -A sambaNTPassword -h ldap_server
etiennep 83152D7BEBBCA0BF0E5E170005097A69
ERR

[root@xxxxx:/usr/lib/squid3] ./digest_ldap_auth -R -b "ou=People,dc=domain,dc=co,dc=za" -u "uid" -A sambaNTPassword -h ldap_server
CPT-OFFICE\etiennep 83152D7BEBBCA0BF0E5E170005097A69
ERR

Oh, btw anonymous binds are allowed for searches only... this will change once it is working. Also the firewall is not interfering and the connection is not secured, as this is within a testing environment.

Any help with this will be much appreciated.
--

Kind Regards

Etienne Pretorius


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux