Search squid archive

RE: squid_ldap_group trouble

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 1 Feb 2010 12:53:16 +0000, "Joseph L. Casale"
<jcasale@xxxxxxxxxxxxxxxxx> wrote:
>>Perhapse the fact that Kerberos works with anonymous binary blobs? no 
>>username in sight.
> 
> You have to pardon me, I am not familiar enough with the inner workings
> of Kerberos to understand what a binary blob is wrt to Kerberos:)
> 
>>Or if not that, something in the elided section "<...>".
> 
> I omitted it as it worked from the cli, but possibly something in the
> syntax when used in the conf file is wrong (wrapped intentionally here)?
> 
> external_acl_type ldapgroup %LOGIN /usr/lib64/squid/squid_ldap_group -R
> -b "DC=domain,DC=local" -D "CN=LDAP,CN=Users,DC=domain,DC=local" 
> -w "password" -f "(&(objectclass=person)(sAMAccountName=%v)
> (memberof=cn=%a,CN=Users,DC=domain,DC=local))" -h 10.0.0.2
> 
>>The bare http_access logic is fine but assumes the LDAP group helper can

>>handle what Kerberos uses for a username.
> 
> Is there a way to show what the helper is doing in the log file?

http://www.squid-cache.org/Versions/v3/3.1/manuals/squid_ldap_group

Looks like the -d debug option.

Amos

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux