[squid-users] Problems with ldap authentication

Marcio Demetrio Bacci marciobacci at gmail.com
Tue Dec 8 23:57:38 UTC 2015


Hi,

I changed the parameter, but I received the following error:

basic_ldap_auth: WARNING, LDAP search error 'Operations error'
ERR Success

The command line used:

/usr/lib/squid3/basic_ldap_auth \
    -b dc=empresa,dc=com,dc=br \
    -D cn=proxy,cn=users,dc=empresa,dc=com,dc=br -w test_12345 \
    -h 192.168.0.25 -p 389 -s sub -v 3 -f "sAMAccountName=%s"

My Samba4 Structure is:

empresa.com.br
    Users
    Computers
    Builtin
    Domain Controllers
    ForeignSecurityPrincipals
    EMPRESA
        IT
            Users
        Sales
            Users
...

2015-12-08 16:16 GMT-02:00 Kinkie <gkinkie at gmail.com>:

> On Tue, Dec 8, 2015 at 6:14 PM, Marcio Demetrio Bacci
> <marciobacci at gmail.com> wrote:
> > Hi
> >
> > In the Squid Server, I want only basic authentication.
> >
> > The command:
> >
> > /usr/lib/squid3/basic_ldap_auth \
> >    -b cn=users,dc=empresa,dc=com,dc=br \
> >    -D cn=proxy,cn=users,dc=empresa,dc=com,dc=br -w test_12345 \
> >    -h 192.168.0.25 -p 389 -s sub -v 3 -f "sAMAccountName=%s"
> >
> > shows "Success" to authenticate only the users in Organization Unity
> (OU)
> > "Users", but in my domain I have many OU that has users as TI, Financial,
> > Sales..
> >
> > How I get authenticate the users in others OU?
>
> Since you are using "sub" as search scope, you simply have to move up
> one level in the base-DN tree.
> Change the parameter
> -b cn=users,dc=empresa,dc=com,dc=br
> to
> -b dc=empresa,dc=com,dc=br
>
>    Francesco Chemolli
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20151208/533acc60/attachment.html>


More information about the squid-users mailing list