[squid-users] Problems with ldap authentication
Marcio Demetrio Bacci
marciobacci at gmail.com
Tue Dec 8 03:00:01 UTC 2015
I have changed my authentication block as below, but is not working.
The proxy user is a Read Only Domain Controller member. The password is
correct.
Samba4, krb5-user and winbindd are installed and work perfectly. Do I need
install any other package?
How can I test in command line?
Have anything wrong in my authentication block ?
auth_param basic program /usr/lib/squid3/basic_ldap_auth -b
cn=users,dc=empresa,dc=com,dc=br -D
cn=proxy,cn=users,dc=empresa,dc=com,dc=br -w test_12345 -h 192.168.0.25 -p
389 -s sub -v 3 -f "sAMAccountName=%s"
auth_param basic children 50
auth_param basic realm Proxy Server Squid
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
With the command "ldbsearch -H /opt/samba/private/sam.ldb
'(objectclass=user)' uidNumber gidNumber ", my result is:
# record 881
dn: CN=proxy,CN=Users,DC=empresa,DC=com,DC=br
uidNumber: 10558
gidNumber: 30037
Regards,
Márcio
2015-12-07 22:10 GMT-02:00 Amos Jeffries <squid3 at treenet.co.nz>:
> On 8/12/2015 7:47 a.m., Marcio Demetrio Bacci wrote:
> > My LDAP Authentication do not work in Squid. I have already saw many
> > tutorials, but nothing solve this problem.
> > I have installed Squid 3.4 on Debian 8. My DC is a* Samba 4.2.*
> > In /var/log/squid3/cache.log appear the message:
> > *squid_ldap_auth: WARNING, could not bind to binddn 'Invalid
> credentials'*
> >
>
> That is your Squid helper being unable to access the LDAP server at
> 192.168.0.25. The credentials you have configured it to use to access
> the LDAP (-D -w) are not working.
>
>
> Also, squid_ldap_auth is not part of the Squid-3.4 package on Debian.
> That might be part of the problem. Squid-3.4 provides basic_ldap_auth.
>
> Amos
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20151208/c4691657/attachment.html>
More information about the squid-users
mailing list