[squid-users] Problems with ldap authentication

Marcio Demetrio Bacci marciobacci at gmail.com
Tue Dec 8 03:00:01 UTC 2015

I have changed my authentication block as below, but is not working.

The proxy user is a Read Only Domain Controller member. The password is

Samba4, krb5-user and winbindd are installed and work perfectly. Do I need
install any other package?

How can I test in command line?

Have anything wrong in my authentication block ?

auth_param basic program /usr/lib/squid3/basic_ldap_auth -b
cn=users,dc=empresa,dc=com,dc=br -D
cn=proxy,cn=users,dc=empresa,dc=com,dc=br -w test_12345 -h -p
389 -s sub -v 3 -f "sAMAccountName=%s"
auth_param basic children 50
auth_param basic realm Proxy Server Squid
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

With the command "ldbsearch -H /opt/samba/private/sam.ldb
'(objectclass=user)' uidNumber gidNumber ", my result is:
# record 881
dn: CN=proxy,CN=Users,DC=empresa,DC=com,DC=br
uidNumber: 10558
gidNumber: 30037



2015-12-07 22:10 GMT-02:00 Amos Jeffries <squid3 at treenet.co.nz>:

> On 8/12/2015 7:47 a.m., Marcio Demetrio Bacci wrote:
> > My LDAP Authentication do not work in Squid. I have already saw many
> > tutorials, but nothing solve this problem.
> > I have installed Squid 3.4 on Debian 8. My DC is a* Samba 4.2.*
> > In /var/log/squid3/cache.log appear the message:
> > *squid_ldap_auth: WARNING, could not bind to binddn 'Invalid
> credentials'*
> >
> That is your Squid helper being unable to access the LDAP server at
> The credentials you have configured it to use to access
> the LDAP (-D -w) are not working.
> Also, squid_ldap_auth is not part of the Squid-3.4 package on Debian.
> That might be part of the problem. Squid-3.4 provides basic_ldap_auth.
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20151208/c4691657/attachment.html>

More information about the squid-users mailing list