Hi
thanks for your help.2016-02-07 2:08 GMT+01:00 Amos Jeffries <squid3@xxxxxxxxxxxxx>:
On 7/02/2016 12:01 a.m., Olivier CALVANO wrote:
> Hi
>
>Different binary being run?
> ./basic_ldap_auth seems to work
> /usr/lib64/squid/basic_ldap_auth does not
>So what is the full path of that './' ?
it's /usr/lib64/squid/basic_ldap_auth
>Your test was in the root account so it is it actually
>/root/basic_ldap_auth that is working ?
yes and if i use a other account (not a root account) that's work too with
/usr/lib64/squid/basic_ldap_auth -R -b 'dc=mydomain,dc=fr' -f 'sAMAccountName=%s' -D 'cn=UserAdmin,ou=vpn,dc=mydomain,dc=fr' -w 'pa77word' -t 3 -H 192.168.10.1
/usr/lib64/squid/basic_ldap_auth -R -b 'dc=mydomain,dc=fr' -f 'sAMAccountName=%s' -D 'cn=UserAdmin,ou=vpn,dc=mydomain,dc=fr' -w 'pa77word' -t 3 -H 192.168.10.1
>Line-wrap in your squid.conf?
> You can manually wrap by using '\' characters at the end of squid.conf
>lines followed by some whitespace indentation on the next line.
>Try adding -d (lower case) to the parameter list and checking if
>anything more useful gets logged in the debug trace.
No more information:
----------
basic_ldap_auth: WARNING, could not bind to binddn 'Invalid credentials'
2016/02/07 07:08:05.477 kid1| client_side_request.cc(786) clientAccessCheckDone: The request CONNECT tiles.services.mozilla.com:443 is AUTH_REQUIRED, because it matched 'Winbind'
2016/02/07 07:08:05.477 kid1| errorpage.cc(1281) BuildContent: No existing error page language negotiated for ERR_CACHE_ACCESS_DENIED. Using default error file.
2016/02/07 07:08:05.477 kid1| store.cc(995) checkCachable: StoreEntry::checkCachable: NO: not cachable
2016/02/07 07:08:05.477 kid1| client_side_reply.cc(1983) processReplyAccessResult: The reply for CONNECT tiles.services.mozilla.com:443 is ALLOWED, because it matched 'Winbind'
2016/02/07 07:08:05.477 kid1| client_side.cc(1375) sendStartOfMessage: HTTP Client local=192.168.10.1:8080 remote=192.168.10.100:51957 FD 16 flags=1
2016/02/07 07:08:05.477 kid1| client_side.cc(1376) sendStartOfMessage: HTTP Client REPLY:
---------
HTTP/1.1 407 Proxy Authentication Required
Server: squid/3.3.8
Mime-Version: 1.0
Date: Sun, 07 Feb 2016 06:08:05 GMT
Content-Type: text/html
Content-Length: 3474
X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
Vary: Accept-Language
Content-Language: en
Proxy-Authenticate: Basic realm="MyTest"
X-Cache: MISS from gw.mylocalhost.fr
X-Cache-Lookup: NONE from gw.mylocalhost.fr:8080
Via: 1.1 gw.mylocalhost.fr (squid/3.3.8)
Connection: keep-alive
----------
2016/02/07 07:08:11.636 kid1| TcpAcceptor.cc(197) doAccept: New connection on FD 26
2016/02/07 07:08:11.636 kid1| TcpAcceptor.cc(272) acceptNext: connection on local=[::]:8080 remote=[::] FD 26 flags=9
2016/02/07 07:08:11.637 kid1| client_side.cc(2321) parseHttpRequest: HTTP Client local=192.168.10.1:8080 remote=192.168.10.100:51964 FD 18 flags=1
2016/02/07 07:08:11.637 kid1| client_side.cc(2322) parseHttpRequest: HTTP Client REQUEST:
---------
CONNECT 0.client-channel.google.com:443 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0
Proxy-Connection: keep-alive
Connection: keep-alive
Host: 0.client-channel.google.com:443
----------
2016/02/07 07:08:11.637 kid1| client_side_request.cc(786) clientAccessCheckDone: The request CONNECT 0.client-channel.google.com:443 is AUTH_REQUIRED, because it matched 'Winbind'
2016/02/07 07:08:11.637 kid1| errorpage.cc(1281) BuildContent: No existing error page language negotiated for ERR_CACHE_ACCESS_DENIED. Using default error file.
2016/02/07 07:08:11.637 kid1| store.cc(995) checkCachable: StoreEntry::checkCachable: NO: not cachable
2016/02/07 07:08:11.637 kid1| client_side_reply.cc(1983) processReplyAccessResult: The reply for CONNECT 0.client-channel.google.com:443 is ALLOWED, because it matched 'Winbind'
2016/02/07 07:08:11.637 kid1| client_side.cc(1375) sendStartOfMessage: HTTP Client local=192.168.10.1:8080 remote=192.168.10.100:51964 FD 18 flags=1
2016/02/07 07:08:11.637 kid1| client_side.cc(1376) sendStartOfMessage: HTTP Client REPLY:
---------
HTTP/1.1 407 Proxy Authentication Required
Server: squid/3.3.8
Mime-Version: 1.0
Date: Sun, 07 Feb 2016 06:08:11 GMT
Content-Type: text/html
Content-Length: 3379
X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
Vary: Accept-Language
Content-Language: en
Proxy-Authenticate: Basic realm="MyTest"
X-Cache: MISS from gw.mylocalhost.fr
X-Cache-Lookup: NONE from gw.mylocalhost.fr:8080
Via: 1.1 gw.mylocalhost.fr (squid/3.3.8)
Connection: keep-alive
----------
2016/02/07 07:08:11.654 kid1| client_side.cc(2321) parseHttpRequest: HTTP Client local=192.168.10.1:8080 remote=192.168.10.100:51964 FD 18 flags=1
2016/02/07 07:08:11.654 kid1| client_side.cc(2322) parseHttpRequest: HTTP Client REQUEST:
---------
CONNECT 0.client-channel.google.com:443 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0
Proxy-Connection: keep-alive
Connection: keep-alive
Host: 0.client-channel.google.com:443
----------
2016/02/07 07:08:11.654 kid1| client_side_request.cc(786) clientAccessCheckDone: The request CONNECT 0.client-channel.google.com:443 is AUTH_REQUIRED, because it matched 'Winbind'
2016/02/07 07:08:11.654 kid1| errorpage.cc(1281) BuildContent: No existing error page language negotiated for ERR_CACHE_ACCESS_DENIED. Using default error file.
2016/02/07 07:08:11.655 kid1| store.cc(995) checkCachable: StoreEntry::checkCachable: NO: not cachable
2016/02/07 07:08:11.655 kid1| client_side_reply.cc(1983) processReplyAccessResult: The reply for CONNECT 0.client-channel.google.com:443 is ALLOWED, because it matched 'Winbind'
2016/02/07 07:08:11.655 kid1| client_side.cc(1375) sendStartOfMessage: HTTP Client local=192.168.10.1:8080 remote=192.168.10.100:51964 FD 18 flags=1
2016/02/07 07:08:11.655 kid1| client_side.cc(1376) sendStartOfMessage: HTTP Client REPLY:
---------
HTTP/1.1 407 Proxy Authentication Required
Server: squid/3.3.8
Mime-Version: 1.0
Date: Sun, 07 Feb 2016 06:08:11 GMT
Content-Type: text/html
Content-Length: 3379
X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
Vary: Accept-Language
Content-Language: en
Proxy-Authenticate: Basic realm="MyTest"
X-Cache: MISS from gw.mylocalhost.fr
X-Cache-Lookup: NONE from gw.mylocalhost.fr:8080
Via: 1.1 gw.mylocalhost.fr (squid/3.3.8)
Connection: keep-alive
----------
2016/02/07 07:08:20.082 kid1| client_side.cc(2321) parseHttpRequest: HTTP Client local=192.168.10.1:8080 remote=192.168.10.100:51964 FD 18 flags=1
2016/02/07 07:08:20.082 kid1| client_side.cc(2322) parseHttpRequest: HTTP Client REQUEST:
---------
CONNECT 0.client-channel.google.com:443 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0
Proxy-Connection: keep-alive
Connection: keep-alive
Host: 0.client-channel.google.com:443
----------
2016/02/07 07:08:20.082 kid1| client_side_request.cc(786) clientAccessCheckDone: The request CONNECT 0.client-channel.google.com:443 is AUTH_REQUIRED, because it matched 'Winbind'
2016/02/07 07:08:20.083 kid1| errorpage.cc(1281) BuildContent: No existing error page language negotiated for ERR_CACHE_ACCESS_DENIED. Using default error file.
2016/02/07 07:08:20.083 kid1| store.cc(995) checkCachable: StoreEntry::checkCachable: NO: not cachable
2016/02/07 07:08:20.083 kid1| client_side_reply.cc(1983) processReplyAccessResult: The reply for CONNECT 0.client-channel.google.com:443 is ALLOWED, because it matched 'Winbind'
2016/02/07 07:08:20.083 kid1| client_side.cc(1375) sendStartOfMessage: HTTP Client local=192.168.10.1:8080 remote=192.168.10.100:51964 FD 18 flags=1
2016/02/07 07:08:20.083 kid1| client_side.cc(1376) sendStartOfMessage: HTTP Client REPLY:
---------
HTTP/1.1 407 Proxy Authentication Required
Server: squid/3.3.8
Mime-Version: 1.0
Date: Sun, 07 Feb 2016 06:08:20 GMT
Content-Type: text/html
Content-Length: 3379
X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
Vary: Accept-Language
Content-Language: en
Proxy-Authenticate: Basic realm="MyTest"
X-Cache: MISS from gw.mylocalhost.fr
X-Cache-Lookup: NONE from gw.mylocalhost.fr:8080
Via: 1.1 gw.mylocalhost.fr (squid/3.3.8)
Connection: keep-alive
----------
----------
basic_ldap_auth: WARNING, could not bind to binddn 'Invalid credentials'
2016/02/07 07:08:05.477 kid1| client_side_request.cc(786) clientAccessCheckDone: The request CONNECT tiles.services.mozilla.com:443 is AUTH_REQUIRED, because it matched 'Winbind'
2016/02/07 07:08:05.477 kid1| errorpage.cc(1281) BuildContent: No existing error page language negotiated for ERR_CACHE_ACCESS_DENIED. Using default error file.
2016/02/07 07:08:05.477 kid1| store.cc(995) checkCachable: StoreEntry::checkCachable: NO: not cachable
2016/02/07 07:08:05.477 kid1| client_side_reply.cc(1983) processReplyAccessResult: The reply for CONNECT tiles.services.mozilla.com:443 is ALLOWED, because it matched 'Winbind'
2016/02/07 07:08:05.477 kid1| client_side.cc(1375) sendStartOfMessage: HTTP Client local=192.168.10.1:8080 remote=192.168.10.100:51957 FD 16 flags=1
2016/02/07 07:08:05.477 kid1| client_side.cc(1376) sendStartOfMessage: HTTP Client REPLY:
---------
HTTP/1.1 407 Proxy Authentication Required
Server: squid/3.3.8
Mime-Version: 1.0
Date: Sun, 07 Feb 2016 06:08:05 GMT
Content-Type: text/html
Content-Length: 3474
X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
Vary: Accept-Language
Content-Language: en
Proxy-Authenticate: Basic realm="MyTest"
X-Cache: MISS from gw.mylocalhost.fr
X-Cache-Lookup: NONE from gw.mylocalhost.fr:8080
Via: 1.1 gw.mylocalhost.fr (squid/3.3.8)
Connection: keep-alive
----------
2016/02/07 07:08:11.636 kid1| TcpAcceptor.cc(197) doAccept: New connection on FD 26
2016/02/07 07:08:11.636 kid1| TcpAcceptor.cc(272) acceptNext: connection on local=[::]:8080 remote=[::] FD 26 flags=9
2016/02/07 07:08:11.637 kid1| client_side.cc(2321) parseHttpRequest: HTTP Client local=192.168.10.1:8080 remote=192.168.10.100:51964 FD 18 flags=1
2016/02/07 07:08:11.637 kid1| client_side.cc(2322) parseHttpRequest: HTTP Client REQUEST:
---------
CONNECT 0.client-channel.google.com:443 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0
Proxy-Connection: keep-alive
Connection: keep-alive
Host: 0.client-channel.google.com:443
----------
2016/02/07 07:08:11.637 kid1| client_side_request.cc(786) clientAccessCheckDone: The request CONNECT 0.client-channel.google.com:443 is AUTH_REQUIRED, because it matched 'Winbind'
2016/02/07 07:08:11.637 kid1| errorpage.cc(1281) BuildContent: No existing error page language negotiated for ERR_CACHE_ACCESS_DENIED. Using default error file.
2016/02/07 07:08:11.637 kid1| store.cc(995) checkCachable: StoreEntry::checkCachable: NO: not cachable
2016/02/07 07:08:11.637 kid1| client_side_reply.cc(1983) processReplyAccessResult: The reply for CONNECT 0.client-channel.google.com:443 is ALLOWED, because it matched 'Winbind'
2016/02/07 07:08:11.637 kid1| client_side.cc(1375) sendStartOfMessage: HTTP Client local=192.168.10.1:8080 remote=192.168.10.100:51964 FD 18 flags=1
2016/02/07 07:08:11.637 kid1| client_side.cc(1376) sendStartOfMessage: HTTP Client REPLY:
---------
HTTP/1.1 407 Proxy Authentication Required
Server: squid/3.3.8
Mime-Version: 1.0
Date: Sun, 07 Feb 2016 06:08:11 GMT
Content-Type: text/html
Content-Length: 3379
X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
Vary: Accept-Language
Content-Language: en
Proxy-Authenticate: Basic realm="MyTest"
X-Cache: MISS from gw.mylocalhost.fr
X-Cache-Lookup: NONE from gw.mylocalhost.fr:8080
Via: 1.1 gw.mylocalhost.fr (squid/3.3.8)
Connection: keep-alive
----------
2016/02/07 07:08:11.654 kid1| client_side.cc(2321) parseHttpRequest: HTTP Client local=192.168.10.1:8080 remote=192.168.10.100:51964 FD 18 flags=1
2016/02/07 07:08:11.654 kid1| client_side.cc(2322) parseHttpRequest: HTTP Client REQUEST:
---------
CONNECT 0.client-channel.google.com:443 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0
Proxy-Connection: keep-alive
Connection: keep-alive
Host: 0.client-channel.google.com:443
----------
2016/02/07 07:08:11.654 kid1| client_side_request.cc(786) clientAccessCheckDone: The request CONNECT 0.client-channel.google.com:443 is AUTH_REQUIRED, because it matched 'Winbind'
2016/02/07 07:08:11.654 kid1| errorpage.cc(1281) BuildContent: No existing error page language negotiated for ERR_CACHE_ACCESS_DENIED. Using default error file.
2016/02/07 07:08:11.655 kid1| store.cc(995) checkCachable: StoreEntry::checkCachable: NO: not cachable
2016/02/07 07:08:11.655 kid1| client_side_reply.cc(1983) processReplyAccessResult: The reply for CONNECT 0.client-channel.google.com:443 is ALLOWED, because it matched 'Winbind'
2016/02/07 07:08:11.655 kid1| client_side.cc(1375) sendStartOfMessage: HTTP Client local=192.168.10.1:8080 remote=192.168.10.100:51964 FD 18 flags=1
2016/02/07 07:08:11.655 kid1| client_side.cc(1376) sendStartOfMessage: HTTP Client REPLY:
---------
HTTP/1.1 407 Proxy Authentication Required
Server: squid/3.3.8
Mime-Version: 1.0
Date: Sun, 07 Feb 2016 06:08:11 GMT
Content-Type: text/html
Content-Length: 3379
X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
Vary: Accept-Language
Content-Language: en
Proxy-Authenticate: Basic realm="MyTest"
X-Cache: MISS from gw.mylocalhost.fr
X-Cache-Lookup: NONE from gw.mylocalhost.fr:8080
Via: 1.1 gw.mylocalhost.fr (squid/3.3.8)
Connection: keep-alive
----------
2016/02/07 07:08:20.082 kid1| client_side.cc(2321) parseHttpRequest: HTTP Client local=192.168.10.1:8080 remote=192.168.10.100:51964 FD 18 flags=1
2016/02/07 07:08:20.082 kid1| client_side.cc(2322) parseHttpRequest: HTTP Client REQUEST:
---------
CONNECT 0.client-channel.google.com:443 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0
Proxy-Connection: keep-alive
Connection: keep-alive
Host: 0.client-channel.google.com:443
----------
2016/02/07 07:08:20.082 kid1| client_side_request.cc(786) clientAccessCheckDone: The request CONNECT 0.client-channel.google.com:443 is AUTH_REQUIRED, because it matched 'Winbind'
2016/02/07 07:08:20.083 kid1| errorpage.cc(1281) BuildContent: No existing error page language negotiated for ERR_CACHE_ACCESS_DENIED. Using default error file.
2016/02/07 07:08:20.083 kid1| store.cc(995) checkCachable: StoreEntry::checkCachable: NO: not cachable
2016/02/07 07:08:20.083 kid1| client_side_reply.cc(1983) processReplyAccessResult: The reply for CONNECT 0.client-channel.google.com:443 is ALLOWED, because it matched 'Winbind'
2016/02/07 07:08:20.083 kid1| client_side.cc(1375) sendStartOfMessage: HTTP Client local=192.168.10.1:8080 remote=192.168.10.100:51964 FD 18 flags=1
2016/02/07 07:08:20.083 kid1| client_side.cc(1376) sendStartOfMessage: HTTP Client REPLY:
---------
HTTP/1.1 407 Proxy Authentication Required
Server: squid/3.3.8
Mime-Version: 1.0
Date: Sun, 07 Feb 2016 06:08:20 GMT
Content-Type: text/html
Content-Length: 3379
X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
Vary: Accept-Language
Content-Language: en
Proxy-Authenticate: Basic realm="MyTest"
X-Cache: MISS from gw.mylocalhost.fr
X-Cache-Lookup: NONE from gw.mylocalhost.fr:8080
Via: 1.1 gw.mylocalhost.fr (squid/3.3.8)
Connection: keep-alive
----------
>Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users