Hi,
I already read this link and yes, it's work with BASIC ldap
authentification but I want to use DIGEST ldap authentification !
The Digest ldap authentification don't work,.
auth_param DIGEST program c:/squid/libexec/DIGEST_ldap_auth.exe -R -A
"unicodePwd" -e -b "DC=aude,DC=com" -F "sAMAccountName=%s" -D
"Cn=Administrateur,OU=Users,DC=aude,DC=com" -w "toto" -F
sAMAccountName=%s -h 192.1.1.1 -p 389 -v 3 -Z
thank
Sébastien FLOUR
Service Informatique Audencia
Tél : 024037.4631 - Bureau 205
D & E Radel a écrit :
sflour@xxxxxxxxxxxx wrote:
Hi,
Thank you for this information but I doubt, because I read the (poor)
documentation and digest_ldap_auth is not for store a password in AD !
The only good way i can find on the web is this link :
http://nixforums.org/about143268.html&highlight=
Thank and have a good day.
The format I previously posted word for me against a Windows 2003
Server domain controller. The "-f sAMAccountName=%s" part is important.
/usr/lib/squid/ldap_auth
-R
-b "dc=my,dc=domain"
-D "cn=Administrator,cn=Users,dc=my,dc=domain"
-w "Administrator's_Password"
-f sAMAccountName=%s
-h IPofLDAPServer
The following example is from:
http://www.papercut.biz/kb/Main/ConfiguringSquidProxyToAuthenticateWithActiveDirectory
auth_param basic program /usr/lib/squid/ldap_auth -R
-b "dc=vm-domain,dc=papercut,dc=biz"
-D "cn=Administrator,cn=Users,dc=your,dc=domain,dc=com"
-w "password" -f sAMAccountName=%s -h 192.168.1.75
auth_param basic children 5
auth_param basic realm Your Organisation Name
auth_param basic credentialsttl 5 minutes
Try something like that.
Regards,
D.Radel.
