Ok, thank you for explanation. But I still do not understand why squid_ldap_group does not work without -R option. And how to force it to make a real request to PDC, not just serch top-level groups... Best Regards, Dmitry Surovtsev - Дмитрий Суровцев Credit Europe Bank - Кредит Европа Банк 390-67-33, ext. 4011 -----Original Message----- From: Henrik Nordstrom [mailto:henrik@xxxxxxxxxxxxxxxxxxx] Sent: Thursday, March 20, 2008 3:12 AM To: Dmitry SUROVTSEV Cc: squid-users@xxxxxxxxxxxxxxx Subject: Re: squid_ldap_group On Wed, 2008-03-19 at 11:15 +0200, Dmitry SUROVTSEV wrote: > We have squid 3 with authorization in AD. But! squid_ldap_group does not work without -R option. > Can anybody explain me what may be a problem? The matter is we defined > some top-level groups in AD and included some dipper groups into them. > But squid_ldap_group does not do the refferal search. That's not referrals, at least not from what i know of referrals... referrals is for redirecting the requestor when LDAP objects or subtrees found in another LDrAP server.. used for example in a global LDAP directory server used for finding each organisations LDAP directory servers.. Can you use ldapsearch to search for those sub-members? Regards Henrik
