|
Hi everybody,
I am newbie with Squid3. I am trying to integrate my squid con with Active Directory. Squid works well in non-transparent mode. I followed this tutorial: http://wiki.bitbinary.com/index.php/Active_Directory_Integrated_Squid_Proxy#Authentication for the set up. I need to authenticate clients not authenticated via Kerberos and users authenticated in the AD. I installed squid3 and ldap-utils from repositories (over Debian Jessie), but i can´t find some libraries such as /usr/lib/squid3/squid_ldap_group and /usr/lib/squid3/squid_ldap_auth. They are not in the expected directories. I used apt-file search but with no results. These are the libraries in the /usr/lib/squid3 dir: basic_db_auth basic_radius_auth basic_fake_auth basic_sasl_auth basic_getpwnam_auth basic_smb_auth basic_ldap_auth basic_smb_auth.sh basic_msnt_auth basic_msnt_multi_domain_auth basic_ncsa_auth basic_nis_auth basic_pam_auth basic_pop3_auth cert_tool digest_ldap_auth diskd digest_file_auth ext_kerberos_ldap_group_acl ext_ldap_group_acl ext_file_userip_acl ext_unix_group_acl ext_sql_session_acl ext_session_acl ext_ldap_group_acl ext_wbinfo_group_acl helper-mux.pl log_db_daemon log_file_daemon negotiate_wrapper_auth negotiate_wrapper_auth negotiate_kerberos_auth_test ntlm_fake_auth pinger storeid_file_rewrite unlinkd url_fake_rewrite.sh negotiate_kerberos_auth url_fake_rewrite ntlm_smb_lm_auth I can't test if an user belongs to a group as shown here /usr/lib/squid3/squid_ldap_group -R -K -S -b "dc=example,dc=local" -D squid@example.local -W /etc/squid3/ldappass.txt -f "(&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%g,ou=Security Groups,ou=MyBusiness,dc=example,dc=local))" -h dc1.example.local EXAMPLE\Username Internet%20Users%20Standard I had to use ext_wbinfo_group_acl to perform that test. Because of the missing libraries, I can't create the authentication for users not authenticated with Kerberos/NTLM: auth_param basic program /usr/lib/squid3/squid_ldap_auth -R -b "dc=example,dc=local" -D squid@example.local -W /etc/squid3/ldappass.txt -f sAMAccountName=%s -h dc1.example.local and cannot create the LDAP authorisation for groups: external_acl_type memberof %LOGIN /usr/lib/squid3/squid_ldap_group -R -K -S -b "dc=example,dc=local" -D squid@example.local -W /etc/squid3/ldappass.txt -f "(&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%g,ou=Security Groups,ou=MyBusiness,dc=example,dc=local))" -h dc1.example.local Why those libraries does not exists? Can I perform the same authentications using others? |
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
