Search squid archive

Re: Squid and squid_ldap_auth... strange base needed!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Mauricio Silveira wrote:
Hi all

I'm a real newbie on using LDAP... I'm using here Slackware 12 without pam.

I have just compiled squid 2.6.STABLE16, I'm on a fight with the ldap auth module...

Look at this:

The former:
/usr/libexec/squid/squid_ldap_auth -b "dc=LINUXDEV,dc=INTRANET" -D "cn=Administrator,cn=Users,dc=LINUXDEV,dc=INTRANET" -w "password" -d -f sAMAccountName=%s -h 192.168.10.10
username password
squid_ldap_auth: WARNING, LDAP search error 'Operations error'
ERR Success

The latter:
/usr/libexec/squid/squid_ldap_auth -b "cn=Users,dc=LINUXDEV,dc=INTRANET" -D "cn=Administrator,cn=Users,dc=LINUXDEV,dc=INTRANET" -w "password" -d -f sAMAccountName=%s -h 192.168.10.10
username password
OK


My question is: WHY????
Should I really provide an object such as the cn=Users to start from?

Unkown to me....

And BTW... squid_ldap_auth seems to be caching queries... I just changed the test user's password and the old password still returns Ok.

this from the manual command-line tests or through squid?
squid caches the auth. You need to set authenticate_ttl to something less than the default hour to test.

I don't think any of the squid helpers cache, they don't need to. But the ldap server may also have some internal cache.


Amos

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux