[squid-users] squid_ldap_auth: WARNING, could not bind to binddn 'Invalid credentials'

Amos Jeffries squid3 at treenet.co.nz
Mon Dec 15 19:05:14 UTC 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 16/12/2014 12:03 p.m., Ahmed Allzaeem wrote:
> Hi guys
> 
> Im trying to use squid with active directory  2008 R2 as an
> external authentication
> 
> On DC called smart.ps
> 
> Create user squid and gave it delegation to the dc and put it also
> in the group admins in the OU=proxy
> 
> 
> 
> Also create user with username a and pwd 111111
> 
> 
> 
> Now on my linux box it don't work with squid ,
> 
> So , I try to troubleshoot it and I do the following test :
> 
> 
> 
> echo "a 111111" | /usr/lib/squid/squid_ldap_auth -R -b
> "dc=smart,dc=ps" -D "cn=squid,ou=proxy,dc=smart,dc=ps" -w .... -f
> saMaccoutName=%s -h 192.168.1.110
> 
> 
> 
> squid_ldap_auth: WARNING, could not bind to binddn 'Invalid
> credentials'
> 
> ERR Success
> 
> 
> 
> 
> 
> Any help ?
> 

I think that used to mean the command line parameters -D... and -w...
you have given the helper are not able to be used to login to the
- -h... AD server.

Please note that by using -w (lower case w) parameter you have now
just published your AD password in a public mailing list. It should be
changed immediately.


Although it could mean the client credentials being looked up were not
able to be found within AD when using the -b -f and -R parameters.

Is the "saMaccoutName=%s" parameter spelled correctly ?


> 
> Any recommendations about squid and winwod s2008 R2 ??
> 
> 
> 
> Here is  squid version BTW :
> 
> squid -v
> 
> Squid Cache: Version 3.1.10
> 

Please upgrade if you can. 3.1 is really old. I seem to recall some
changes to these LDAP helpers.

Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQEcBAEBAgAGBQJUjzDpAAoJELJo5wb/XPRj0iIIAKhDvp/6bVvr+2byFcQREd/D
jmcMU4r3lAOkWVoHIovgCPkBqupnbfQr03SoLGfnj08z18gtQDkiEkCniUoIN6Tz
2Nkb+itWKa5vlgmMcetC1SIlLj/8hOPULmCIj7/qF9ccGcoYQilm9EYcYpIztyNA
rbiJZLDpjXTneL0O1H2t6IbpYGaCIyvNDFFqvYSziqQd1mBhdJ3CfIafph1w08i9
TSoidRbB3rNttoffAbzXNPdsb7K6uToWjBe++whLJrZ/I2TGAMO9x43EEJ0JpMdV
F8XJEAAcfGe7OymRGzq4IeeAsEGPJNX1ELC89mJMA9GN2LJfNpwCguFiP4V3ZCk=
=BaEO
-----END PGP SIGNATURE-----

More information about the squid-users mailing list