Mauricio Silveira wrote:
Hi all
I'm a real newbie on using LDAP... I'm using here Slackware 12 without pam.
I have just compiled squid 2.6.STABLE16, I'm on a fight with the ldap
auth module...
Look at this:
The former:
/usr/libexec/squid/squid_ldap_auth -b "dc=LINUXDEV,dc=INTRANET" -D
"cn=Administrator,cn=Users,dc=LINUXDEV,dc=INTRANET" -w "password" -d -f
sAMAccountName=%s -h 192.168.10.10
username password
squid_ldap_auth: WARNING, LDAP search error 'Operations error'
ERR Success
The latter:
/usr/libexec/squid/squid_ldap_auth -b "cn=Users,dc=LINUXDEV,dc=INTRANET"
-D "cn=Administrator,cn=Users,dc=LINUXDEV,dc=INTRANET" -w "password" -d
-f sAMAccountName=%s -h 192.168.10.10
username password
OK
My question is: WHY????
Should I really provide an object such as the cn=Users to start from?
Unkown to me....
And BTW... squid_ldap_auth seems to be caching queries... I just changed
the test user's password and the old password still returns Ok.
this from the manual command-line tests or through squid?
squid caches the auth. You need to set authenticate_ttl to something
less than the default hour to test.
I don't think any of the squid helpers cache, they don't need to. But
the ldap server may also have some internal cache.
Amos
