[squid-users] Squid LDAP Auth ?

Olivier CALVANO o.calvano at gmail.com
Sun Feb 7 06:49:42 UTC 2016 

Hi

oh, i have change into my squid.conf:

auth_param basic program /usr/lib64/squid/basic_ldap_auth -R -b
'dc=mydomain,dc=fr' -f 'sAMAccountName=%s' -D
'cn=UserAdmin,ou=vpn,dc=mydomain,dc=fr' -w 'Pa77word' -t 3 -H 192.168.10.1

in

auth_param basic program /usr/lib64/squid/basic_ldap_auth -R -b
dc=mydomain,dc=fr -f sAMAccountName=%s -D
cn=UserAdmin,ou=vpn,dc=mydomain,dc=fr -w "Pa77word" -t 3 -H 192.168.10.1

and now that's work ;=) problems is due to ' and " i think's.


but now a new small problems, if i use only basic_ldap_auth no problems,
but if i want add ntlm:



### negotiate kerberos and ntlm authentication
auth_param negotiate program /usr/local/bin/negotiate_wrapper --ntlm
/usr/bin/ntlm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp
--kerberos /usr/lib64/squid/squid_kerb_auth -d -s GSS_C_NO_NAME
auth_param negotiate children 160 startup=5 idle=1
auth_param negotiate keep_alive on

## Module d'authentification NTLM
auth_param ntlm program /usr/bin/ntlm_auth --diagnostics
--helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 160 startup=5 idle=1
auth_param ntlm keep_alive on

## Si echec du NTLM proposer la fenetre d'authentification
auth_param basic program /usr/lib64/squid/basic_ldap_auth -R -b
dc=mydomain,dc=fr -f sAMAccountName=%s -D
cn=UserAdmin,ou=vpn,dc=mydomain,dc=fr -w "Pa77word" -t 3 -H 192.168.10.1
auth_param basic children 40 startup=5 idle=1
auth_param basic realm MyTest
auth_param basic credentialsttl 2 hours



and now, because my pc is not on the AD Network, he request all time the
login/pass. auth_param basic don't work after negociate and ntlm.
in the login windows, i don't see me realm "MyTest"

a idea on this new problems ?

thanks
Olivier







2016-02-07 7:11 GMT+01:00 Olivier CALVANO <o.calvano at gmail.com>:

> Hi
>
> thanks for your help.
>
>
>
> 2016-02-07 2:08 GMT+01:00 Amos Jeffries <squid3 at treenet.co.nz>:
>
>> On 7/02/2016 12:01 a.m., Olivier CALVANO wrote:
>> > Hi
>> >
>>
>
>
>
>
>
>>
>>
>> >Amos
>>
>> _______________________________________________
>> squid-users mailing list
>> squid-users at lists.squid-cache.org
>> http://lists.squid-cache.org/listinfo/squid-users
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160207/d19ac895/attachment.html>

More information about the squid-users mailing list