Search squid archive

squid ldap helpers crashing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dear Squid-Users,

I would like just to ask a bit of help regarding 
squid_ldap_group.
I tried with success the helper from commandline 
about a match between a user and a group and everything works 
perfectly.
Now, using the same set in squid.conf, it shows me in the 
log that the helpers are crashing too quick.
My question are:
1) I need 
absolutely to authenticate first with squid_ldap_auth or I could leave 
the ntlm_auth at the beginning and use only squid_ldap_group to check 
the membership in a ldap group?
2) at the definition of the external 
acl i set "%LOGIN", but to squid_ldap_group what squid pass?
3) Why in 
the squid logs for each squid_ldap_group opened show me the list with 
the options?and why it shows me that the -F and -B options are required 
if from commandline works perfectly and are not requested?

I attach 
here the part with my configuration and (following) the logs:

squid.
conf

#about squid_ldap_group
external_acl_type squid_ldap children=20 %
LOGIN c:/squid/libexec/squid_ldap_group.exe -R -v "3" -s "sub" -b 
"dc=kxxxx, dc=org" -f "(&(objectClass=person)(sAMAccountName=%v)
(memberOf=cn=%a,ou=Gruppen,ou=User F\\+E,dc=xx,dc=kxxxx,dc=org))"  -d -
D "squidadmin" -w "xxxxx" -S -K -h "kxdcrt02.kxxxx.org" -p "3268"

then 
the right acl with the group and the setting of the access for those.
>From commandline it returns me an OK but in the running of squid the 
helpers crash (I already tried to push up the number of children but 
doesn´t help!)

I tried than to make the first authentication with 
squid_ldap_auth.

auth_param basic program c:
/squid/libexec/squid_ldap_auth.exe -R -v "3" -s "sub" -b "dc=kxxxx, 
dc=org" -f "sAMAccountName=%s" -d -D "squidadmin" -w "xxxxxx" -h 
"kxdcrt02.kxxxx.org" -p "3268"

but when  the login box appears and I 
give my credential or other, simply it remains charging the page and 
after a while give me back the loginbox without show me the webpage.

Here I put also the logs:

squid_ldap_group version 2.17

Usage: 
squid_ldap_group -b basedn -f filter [options] ldap_server_name

	-b 
basedn (REQUIRED)	base dn under where to search for groups
	-f filter 
(REQUIRED)	group search filter pattern. %v = user,
				%a = group
	-B 
basedn (REQUIRED)	base dn under where to search for users
	-F filter 
(REQUIRED)	user search filter pattern. %s = login
	-s base|one|sub		
search scope
	-D binddn		DN to bind as to perform searches
	-w 
bindpasswd		password for binddn
	-W secretfile		read password for 
binddn from file secretfile
	-h server		LDAP server (defaults to 
localhost)
	-p port			LDAP server port (defaults to 389)
	-P			
persistent LDAP connection
	-c timeout		connect timeout
	-t timelimit		
search time limit
	-R			do not follow referrals
	-a 
never|always|search|find
				when to dereference aliases
	-v 2|3			LDAP 
version
	-Z			TLS encrypt the LDAP connection, requires
				LDAP 
version 3
	-g			first query parameter is base DN extension
				for this 
query
	-S			Strip NT domain from usernames
	-K			Strip Kerberos realm 
from usernames

	If you need to bind as a user to perform searches then 
use the
	-D binddn -w bindpasswd or -D binddn -W secretfile options

2008/08/07 15:38:01| logfileOpen: opening log c:/squid/var/logs/access.
log
2008/08/07 15:38:01| Unlinkd pipe opened on FD 308
2008/08/07 15:38:
01| Swap maxSize 102400 KB, estimated 7876 objects
2008/08/07 15:38:01| 
Target number of buckets: 393
2008/08/07 15:38:01| Using 8192 Store 
buckets
2008/08/07 15:38:01| Max Mem  size: 8192 KB
2008/08/07 15:38:
01| Max Swap size: 102400 KB
2008/08/07 15:38:01| Local cache digest 
enabled; rebuild/rewrite every 3600/3600 sec
2008/08/07 15:38:01| 
logfileOpen: opening log c:/squid/var/logs/store.log
2008/08/07 15:38:
01| Rebuilding storage in c:/squid/var/cache (CLEAN)
2008/08/07 15:38:
01| Using Least Load store dir selection
2008/08/07 15:38:01| Set 
Current Directory to c:/squid/var/cache
2008/08/07 15:38:01| Loaded 
Icons.
2008/08/07 15:38:01| Accepting accelerated HTTP connections at 
172.16.30.18, port 8080, FD 314.
2008/08/07 15:38:01| Accepting HTCP 
messages on port 4827, FD 315.
2008/08/07 15:38:01| Accepting SNMP 
messages on port 3401, FD 316.
2008/08/07 15:38:01| Configuring Parent 
172.16.30.16/8123/0
2008/08/07 15:38:01| Ready to serve requests.
2008/08/07 15:38:01| Done reading c:/squid/var/cache swaplog (0 
entries)
2008/08/07 15:38:01| Finished rebuilding storage from disk.
2008/08/07 15:38:01|         0 Entries scanned
2008/08/07 15:38:
01|         0 Invalid entries.
2008/08/07 15:38:01|         0 With 
invalid flags.
2008/08/07 15:38:01|         0 Objects loaded.
2008/08/07 15:38:01|         0 Objects expired.
2008/08/07 15:38:
01|         0 Objects cancelled.
2008/08/07 15:38:01|         0 
Duplicate URLs purged.
2008/08/07 15:38:01|         0 Swapfile clashes 
avoided.
2008/08/07 15:38:01|   Took 0.1 seconds (   0.0 objects/sec).
2008/08/07 15:38:01| Beginning Validation Procedure
2008/08/07 15:38:
01|   Completed Validation Procedure
2008/08/07 15:38:01|   Validated 0 
Entries

I would be really happy to have any advice from you.
Thanks in 
advance

Antonio


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux