Search squid archive

Re: Cannot get basic_ldap_auth to work with AD

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, Nov 13, 2013 at 08:24:56AM -0800, Brig wrote:
> Trying to get Squid to use our AD server to authenticate users with LDAP. I
> cannot get the basic_ldap_auth helper to work. I keep getting error:
> 
> ERR Success
> 
> 
> I am able to bind to the AD server and query ldap though using "ldapsearch"
> and the following command:
> 
> ldapsearch -LLL  -H ldap://ldap.mydomain.com -x -D
> 'CN=squidauth,OU=Users,OU=IT,DC=mydomain,DC=com' -w 'squidauth_password' -b
> 'DC=mydomain,DC=com' SAMAccountName uid uidNumber
> 
> That works fine yet if I use the Squid basic_ldap_auth  helper program and
> then enter in a good userid and password I just get that same error:
> 
> /usr/lib/squid3/basic_ldap_auth -R -v 3 -d -b “dc=mydomain,dc=com” -D
> “cn=squidauth,ou=Users,ou=IT,dc=mydomain,dc=com” -w "squidauth_password"  -h
> ldap.mydomain.com
> 
> squid squidpass

Firstly try running the following command from the command line:

/usr/lib/squid3/basic_ldap_auth -b DC=mydomain,DC=com -f
sAMAccountName=%s -D CN=squidauth,OU=Users,OU=IT,DC=mydomain,DC=com -w
squidauth_password -t 3 -H ldap://ldap.mydomain.com

Then interactively type Active Directory logins and passwords separated by
space. You should see something like this:

user1 password1
OK
baduser badpassword
ERR Success

> 
> basic_ldap_auth.cc(739): pid=31847 :attempting to authenticate user
> 'uid=squid,“dc=mydomain,dc=com”'
> ERR Success
> 
> I am running on ubuntu and just to make sure I was not hitting a bug I
> downloaded the latest source code squid-3.3.10 and compiled that and still
> get the same error.
> 
> Spent many hrs searching all the Squid forums, etc, and have not been able
> to find a solution that will work. My strengths are all on the Linux/Squid
> side and I am not familiar with MS AD server, we have an Admin that runs
> that so hoping someone here has experience with it.
> 
> Thanks in advance for any help you folks can give!
> 
> Brig
> 
> 
> 
> 
> 
> --
> View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Cannot-get-basic-ldap-auth-to-work-with-AD-tp4663282.html
> Sent from the Squid - Users mailing list archive at Nabble.com.

-- 
Peter Benko
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux