[squid-users] LDAP related question.
Brendan Kearney
bpk678 at gmail.com
Fri Jul 31 21:18:23 UTC 2015
On 07/31/2015 08:34 AM, Dan Purgert wrote:
> Quoting Eliezer Croitoru <eliezer at ngtech.co.il>:
>
>> I managed to make it work!
>> I am using ubuntu 14.04.2 with openLDAP and phpldapadmin.
>> I have changed my server to look like yours and it still didn't work.
>> So what I did was this: I changed the command to:
>> /usr/lib/squid3/ext_ldap_group_acl -d -b "dc=ngtech,dc=local" -D
>> "cn=admin,dc=ngtech,dc=local" -w password-f
>> "(&(objectClass=*)(memberUid=%u)(cn=%g))" -h 127.0.0.1
>>
>> Which actually works great.
>> I enter:"user1 parents" and it says OK.
>>
>> I have been reading that there might be a reason that memberOf will
>> not work as expected and was hoping someone here might know about it.
>>
>
>
> Oh right, I had to compile in(?) something to make "memberOf" play
> nice. Don't remember if it was in slapd or squid though... would need
> to grab my setup notes from that server to see.
>
> Glad to hear you got it working though!
>
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
since you have phpLDAPAdmin, my exports should be a near 1:1 import for you.
load the module:
dn: cn=module{2},cn=config #<-- adjust the number between { and } to
your env
cn: module{2} # <-- same adjustment as above
objectclass: olcModuleList
objectclass: top
olcmoduleload: {0}memberof.la # <-- this is 0 because its the first
module loaded in this cn
olcmodulepath: /usr/lib64/openldap #<-- adjust for your env, this where
fedora places the *.la files; memberof.la should be in this dir
load the overlay into the database (not the DIT):
dn: olcOverlay={2}memberof,olcDatabase={2}mdb,cn=config #<-- again
adjust for your env it is coincidence that both #s are 2 in my env.
objectclass: olcOverlayConfig
objectclass: olcMemberOf
objectclass: top
olcmemberofrefint: TRUE
olcoverlay: {2}memberof # <-- adjust for your env, too
i will send screenshots from my phpLDAPAdmin to you off list
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150731/6e40090d/attachment.html>
More information about the squid-users
mailing list