Search squid archive

Re: Re: Re: Re: Re: Re: squid_ldap_group against nested groups/Ous

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi.

On 31.07.2012 04:54, Markus Moeller wrote:
Hi Eugene,

For squid_kerb_ldap to work with automatic ldap server detection you need to setup your DNS correctly. All SRV records must be hostnames (not IPs as in your cases some are). The the hostname will be resolved in an IP and back into a hostname to eliminated CNAMEs. For the final hostnames a ldap/hostname principal must exist. e.g TEST.com a CNAME resolves into 192.1.1.1 which resolves in server1.com which means a ldap/server1.com principal must exits.

Thanks for a clear explanation, now I see why it doesn't work. And I was able to fix the binding to some particular DCs. But I think (it's only my imo though) that circular resolving to eliminate CNAMEs is a bit complicated: reverse zones aren't needed even for an AD domain to work properly.

Thanks for your help and for your helper.
Eugene.


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux