> Hello, still, I solved this problem as follows:
> I created new group 'test_inet' in the container 'Users' & enter in
> it users: 'ldapreader','testproxyad1'
> Command 'squid_ldap_group' is now work with next syntaxis:
> /usr/lib/squid/squid_ldap_group -d -v 3 -b "dc=kng,dc=local" -f \
> '(&(cn=%v)(memberOf=cn=a%,cn=Users,dc=kng,dc=local))' -D ldapreader@kng.local \
> -w 12345678 -h 192.168.4.100
> Input in console:
> ldapreader test_inet
> Connected OK
> group filter <...> searchbase <...>
> OK
> So, now there is another problem:
> when i input describe of user, 'squid_ldap_group' working correct,
> but when i input login, output of command is 'ERR'.
> Example: In Active Directory user 'test_proxy_ad_1' has login 'testproxyad1'.
> /usr/lib/squid/squid_ldap_group -d -v 3 -b "dc=kng,dc=local" -f \
> '(&(cn=%v)(memberOf=cn=a%,cn=Users,dc=kng,dc=local))' -D ldapreader@kng.local \
> -w 12345678 -h 192.168.4.100
> Input in console:
> testproxyad1 test_inet
> Connected OK
> ...
> ERR
> test_proxy_ad_1 test_inet
> Connected OK
> ...
> OK
> The new question is follow: how to do that 'squid_ldap_group' check login of user, not describe?
> Will waiting for response.
Well, I do it myself again) Just command is:
/usr/lib/squid/squid_ldap_group -d -v 3 -b "dc=kng,dc=local" -f \
'(&(sAMAccountName=%v)(memberOf=cn=a%,cn=Users,dc=kng,dc=local))' -D ldapreader@kng.local \
-w 12345678 -h 192.168.4.100
I change 'cn' to 'sAMAccountName'.
Input in console:
testproxyad1 test_inet
Connected OK
...
OK
Asked myself - answer myself)))
Thanks all, the problem is solved.
Cheers,
Paul
