[squid-users] Squid with AD - missing libraries

Verónica Ovando vero.ovando at live.com
Tue Sep 22 11:52:10 UTC 2015 

Hi everybody,
I am newbie with Squid3. I am trying to integrate my squid con with Active Directory. Squid works well in non-transparent mode. I followed this tutorial: http://wiki.bitbinary.com/index.php/Active_Directory_Integrated_Squid_Proxy#Authentication for the set up.I need to authenticate clients not authenticated via Kerberos and users authenticated in the AD.
I installed squid3 and ldap-utils from repositories (over Debian Jessie), but i can´t find some libraries such as /usr/lib/squid3/squid_ldap_group and /usr/lib/squid3/squid_ldap_auth. They are not in the expected directories. I used apt-file search but with no results.
These are the libraries in the /usr/lib/squid3 dir:basic_db_auth		      basic_radius_auth		   	basic_fake_auth		      basic_sasl_auth		   	 basic_getpwnam_auth	      basic_smb_auth		   		 basic_ldap_auth		      basic_smb_auth.sh		   	 basic_msnt_auth		      	   		 basic_msnt_multi_domain_auth  		   		 basic_ncsa_auth		      		   basic_nis_auth		     			   		basic_pam_auth		      	   basic_pop3_auth		      cert_tool		digest_ldap_auth diskddigest_file_authext_kerberos_ldap_group_acl  ext_ldap_group_acl		ext_file_userip_aclext_unix_group_acl	ext_sql_session_aclext_session_acl	ext_ldap_group_acl	 ext_wbinfo_group_aclhelper-mux.pllog_db_daemon		log_file_daemonnegotiate_wrapper_auth negotiate_wrapper_authnegotiate_kerberos_auth_test ntlm_fake_authpingerstoreid_file_rewriteunlinkd url_fake_rewrite.shnegotiate_kerberos_auth url_fake_rewritentlm_smb_lm_auth
I can't test if an user belongs to a group as shown here/usr/lib/squid3/squid_ldap_group -R -K -S -b "dc=example,dc=local" -D squid at example.local -W /etc/squid3/ldappass.txt -f "(&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%g,ou=Security Groups,ou=MyBusiness,dc=example,dc=local))" -h dc1.example.local
EXAMPLE\Username Internet%20Users%20StandardI had to use ext_wbinfo_group_acl to perform that test.
Because of the missing libraries, I can't create the authentication for users not authenticated with Kerberos/NTLM:auth_param basic program /usr/lib/squid3/squid_ldap_auth -R -b "dc=example,dc=local" -D squid at example.local -W /etc/squid3/ldappass.txt -f sAMAccountName=%s -h dc1.example.local
and cannot create the LDAP authorisation for groups:external_acl_type memberof %LOGIN /usr/lib/squid3/squid_ldap_group -R -K -S -b "dc=example,dc=local" -D squid at example.local -W /etc/squid3/ldappass.txt -f "(&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%g,ou=Security Groups,ou=MyBusiness,dc=example,dc=local))" -h dc1.example.local

Why those libraries does not exists? Can I perform the same authentications using others? 
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150922/ecdeebbb/attachment.html>

More information about the squid-users mailing list