<div dir="ltr"><div>Hi<br><br></div>thanks for your help.<br><br><br><div class="gmail_extra"><br><div class="gmail_quote">2016-02-07 2:08 GMT+01:00 Amos Jeffries <span dir="ltr"><<a href="mailto:squid3@treenet.co.nz" target="_blank">squid3@treenet.co.nz</a>></span>:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span class="">On 7/02/2016 12:01 a.m., Olivier CALVANO wrote:<br>
> Hi<br>
><br>
</span></blockquote><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">>Different binary being run?<br>
<br>> ./basic_ldap_auth seems to work<br>> /usr/lib64/squid/basic_ldap_auth does not<br>
<br>>So what is the full path of that './' ?<br></blockquote><div><br></div><div>it's /usr/lib64/squid/basic_ldap_auth<br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>>Your test was in the root account so it is it actually<br>>/root/basic_ldap_auth that is working ?<br>
<br></blockquote><div><br><br></div><div>yes and if i use a other account (not a root account) that's work too with<br>/usr/lib64/squid/basic_ldap_auth -R -b 'dc=mydomain,dc=fr' -f 'sAMAccountName=%s' -D 'cn=<span class="im">UserAdmin</span>,ou=vpn,dc=mydomain,dc=fr' -w 'pa77word' -t 3 -H <span class="im">192.168.10.1</span></div><div><br> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>>Line-wrap in your squid.conf?<br>> You can manually wrap by using '\' characters at the end of squid.conf<br>>lines followed by some whitespace indentation on the next line.<br></blockquote><div><br> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
<br>>Try adding -d (lower case) to the parameter list and checking if<br>>anything more useful gets logged in the debug trace.<br></blockquote><div><br><br></div><div>No more information: <br><br><br>----------<br>basic_ldap_auth: WARNING, could not bind to binddn 'Invalid credentials'<br>2016/02/07 07:08:05.477 kid1| client_side_request.cc(786) clientAccessCheckDone: The request CONNECT <a href="http://tiles.services.mozilla.com:443">tiles.services.mozilla.com:443</a> is AUTH_REQUIRED, because it matched 'Winbind'<br>2016/02/07 07:08:05.477 kid1| errorpage.cc(1281) BuildContent: No existing error page language negotiated for ERR_CACHE_ACCESS_DENIED. Using default error file.<br>2016/02/07 07:08:05.477 kid1| store.cc(995) checkCachable: StoreEntry::checkCachable: NO: not cachable<br>2016/02/07 07:08:05.477 kid1| client_side_reply.cc(1983) processReplyAccessResult: The reply for CONNECT <a href="http://tiles.services.mozilla.com:443">tiles.services.mozilla.com:443</a> is ALLOWED, because it matched 'Winbind'<br>2016/02/07 07:08:05.477 kid1| client_side.cc(1375) sendStartOfMessage: HTTP Client local=<a href="http://192.168.10.1:8080">192.168.10.1:8080</a> remote=<a href="http://192.168.10.100:51957">192.168.10.100:51957</a> FD 16 flags=1<br>2016/02/07 07:08:05.477 kid1| client_side.cc(1376) sendStartOfMessage: HTTP Client REPLY:<br>---------<br>HTTP/1.1 407 Proxy Authentication Required<br>Server: squid/3.3.8<br>Mime-Version: 1.0<br>Date: Sun, 07 Feb 2016 06:08:05 GMT<br>Content-Type: text/html<br>Content-Length: 3474<br>X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0<br>Vary: Accept-Language<br>Content-Language: en<br>Proxy-Authenticate: Basic realm="MyTest"<br>X-Cache: MISS from <a href="http://gw.mylocalhost.fr">gw.mylocalhost.fr</a><br>X-Cache-Lookup: NONE from <a href="http://gw.mylocalhost.fr:8080">gw.mylocalhost.fr:8080</a><br>Via: 1.1 <a href="http://gw.mylocalhost.fr">gw.mylocalhost.fr</a> (squid/3.3.8)<br>Connection: keep-alive<br><br><br>----------<br>2016/02/07 07:08:11.636 kid1| TcpAcceptor.cc(197) doAccept: New connection on FD 26<br>2016/02/07 07:08:11.636 kid1| TcpAcceptor.cc(272) acceptNext: connection on local=[::]:8080 remote=[::] FD 26 flags=9<br>2016/02/07 07:08:11.637 kid1| client_side.cc(2321) parseHttpRequest: HTTP Client local=<a href="http://192.168.10.1:8080">192.168.10.1:8080</a> remote=<a href="http://192.168.10.100:51964">192.168.10.100:51964</a> FD 18 flags=1<br>2016/02/07 07:08:11.637 kid1| client_side.cc(2322) parseHttpRequest: HTTP Client REQUEST:<br>---------<br>CONNECT <a href="http://0.client-channel.google.com:443">0.client-channel.google.com:443</a> HTTP/1.1<br>User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0<br>Proxy-Connection: keep-alive<br>Connection: keep-alive<br>Host: <a href="http://0.client-channel.google.com:443">0.client-channel.google.com:443</a><br><br><br>----------<br>2016/02/07 07:08:11.637 kid1| client_side_request.cc(786) clientAccessCheckDone: The request CONNECT <a href="http://0.client-channel.google.com:443">0.client-channel.google.com:443</a> is AUTH_REQUIRED, because it matched 'Winbind'<br>2016/02/07 07:08:11.637 kid1| errorpage.cc(1281) BuildContent: No existing error page language negotiated for ERR_CACHE_ACCESS_DENIED. Using default error file.<br>2016/02/07 07:08:11.637 kid1| store.cc(995) checkCachable: StoreEntry::checkCachable: NO: not cachable<br>2016/02/07 07:08:11.637 kid1| client_side_reply.cc(1983) processReplyAccessResult: The reply for CONNECT <a href="http://0.client-channel.google.com:443">0.client-channel.google.com:443</a> is ALLOWED, because it matched 'Winbind'<br>2016/02/07 07:08:11.637 kid1| client_side.cc(1375) sendStartOfMessage: HTTP Client local=<a href="http://192.168.10.1:8080">192.168.10.1:8080</a> remote=<a href="http://192.168.10.100:51964">192.168.10.100:51964</a> FD 18 flags=1<br>2016/02/07 07:08:11.637 kid1| client_side.cc(1376) sendStartOfMessage: HTTP Client REPLY:<br>---------<br>HTTP/1.1 407 Proxy Authentication Required<br>Server: squid/3.3.8<br>Mime-Version: 1.0<br>Date: Sun, 07 Feb 2016 06:08:11 GMT<br>Content-Type: text/html<br>Content-Length: 3379<br>X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0<br>Vary: Accept-Language<br>Content-Language: en<br>Proxy-Authenticate: Basic realm="MyTest"<br>X-Cache: MISS from <a href="http://gw.mylocalhost.fr">gw.mylocalhost.fr</a><br>X-Cache-Lookup: NONE from <a href="http://gw.mylocalhost.fr:8080">gw.mylocalhost.fr:8080</a><br>Via: 1.1 <a href="http://gw.mylocalhost.fr">gw.mylocalhost.fr</a> (squid/3.3.8)<br>Connection: keep-alive<br><br><br>----------<br>2016/02/07 07:08:11.654 kid1| client_side.cc(2321) parseHttpRequest: HTTP Client local=<a href="http://192.168.10.1:8080">192.168.10.1:8080</a> remote=<a href="http://192.168.10.100:51964">192.168.10.100:51964</a> FD 18 flags=1<br>2016/02/07 07:08:11.654 kid1| client_side.cc(2322) parseHttpRequest: HTTP Client REQUEST:<br>---------<br>CONNECT <a href="http://0.client-channel.google.com:443">0.client-channel.google.com:443</a> HTTP/1.1<br>User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0<br>Proxy-Connection: keep-alive<br>Connection: keep-alive<br>Host: <a href="http://0.client-channel.google.com:443">0.client-channel.google.com:443</a><br><br><br>----------<br>2016/02/07 07:08:11.654 kid1| client_side_request.cc(786) clientAccessCheckDone: The request CONNECT <a href="http://0.client-channel.google.com:443">0.client-channel.google.com:443</a> is AUTH_REQUIRED, because it matched 'Winbind'<br>2016/02/07 07:08:11.654 kid1| errorpage.cc(1281) BuildContent: No existing error page language negotiated for ERR_CACHE_ACCESS_DENIED. Using default error file.<br>2016/02/07 07:08:11.655 kid1| store.cc(995) checkCachable: StoreEntry::checkCachable: NO: not cachable<br>2016/02/07 07:08:11.655 kid1| client_side_reply.cc(1983) processReplyAccessResult: The reply for CONNECT <a href="http://0.client-channel.google.com:443">0.client-channel.google.com:443</a> is ALLOWED, because it matched 'Winbind'<br>2016/02/07 07:08:11.655 kid1| client_side.cc(1375) sendStartOfMessage: HTTP Client local=<a href="http://192.168.10.1:8080">192.168.10.1:8080</a> remote=<a href="http://192.168.10.100:51964">192.168.10.100:51964</a> FD 18 flags=1<br>2016/02/07 07:08:11.655 kid1| client_side.cc(1376) sendStartOfMessage: HTTP Client REPLY:<br>---------<br>HTTP/1.1 407 Proxy Authentication Required<br>Server: squid/3.3.8<br>Mime-Version: 1.0<br>Date: Sun, 07 Feb 2016 06:08:11 GMT<br>Content-Type: text/html<br>Content-Length: 3379<br>X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0<br>Vary: Accept-Language<br>Content-Language: en<br>Proxy-Authenticate: Basic realm="MyTest"<br>X-Cache: MISS from <a href="http://gw.mylocalhost.fr">gw.mylocalhost.fr</a><br>X-Cache-Lookup: NONE from <a href="http://gw.mylocalhost.fr:8080">gw.mylocalhost.fr:8080</a><br>Via: 1.1 <a href="http://gw.mylocalhost.fr">gw.mylocalhost.fr</a> (squid/3.3.8)<br>Connection: keep-alive<br><br><br>----------<br>2016/02/07 07:08:20.082 kid1| client_side.cc(2321) parseHttpRequest: HTTP Client local=<a href="http://192.168.10.1:8080">192.168.10.1:8080</a> remote=<a href="http://192.168.10.100:51964">192.168.10.100:51964</a> FD 18 flags=1<br>2016/02/07 07:08:20.082 kid1| client_side.cc(2322) parseHttpRequest: HTTP Client REQUEST:<br>---------<br>CONNECT <a href="http://0.client-channel.google.com:443">0.client-channel.google.com:443</a> HTTP/1.1<br>User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0<br>Proxy-Connection: keep-alive<br>Connection: keep-alive<br>Host: <a href="http://0.client-channel.google.com:443">0.client-channel.google.com:443</a><br><br><br>----------<br>2016/02/07 07:08:20.082 kid1| client_side_request.cc(786) clientAccessCheckDone: The request CONNECT <a href="http://0.client-channel.google.com:443">0.client-channel.google.com:443</a> is AUTH_REQUIRED, because it matched 'Winbind'<br>2016/02/07 07:08:20.083 kid1| errorpage.cc(1281) BuildContent: No existing error page language negotiated for ERR_CACHE_ACCESS_DENIED. Using default error file.<br>2016/02/07 07:08:20.083 kid1| store.cc(995) checkCachable: StoreEntry::checkCachable: NO: not cachable<br>2016/02/07 07:08:20.083 kid1| client_side_reply.cc(1983) processReplyAccessResult: The reply for CONNECT <a href="http://0.client-channel.google.com:443">0.client-channel.google.com:443</a> is ALLOWED, because it matched 'Winbind'<br>2016/02/07 07:08:20.083 kid1| client_side.cc(1375) sendStartOfMessage: HTTP Client local=<a href="http://192.168.10.1:8080">192.168.10.1:8080</a> remote=<a href="http://192.168.10.100:51964">192.168.10.100:51964</a> FD 18 flags=1<br>2016/02/07 07:08:20.083 kid1| client_side.cc(1376) sendStartOfMessage: HTTP Client REPLY:<br>---------<br>HTTP/1.1 407 Proxy Authentication Required<br>Server: squid/3.3.8<br>Mime-Version: 1.0<br>Date: Sun, 07 Feb 2016 06:08:20 GMT<br>Content-Type: text/html<br>Content-Length: 3379<br>X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0<br>Vary: Accept-Language<br>Content-Language: en<br>Proxy-Authenticate: Basic realm="MyTest"<br>X-Cache: MISS from <a href="http://gw.mylocalhost.fr">gw.mylocalhost.fr</a><br>X-Cache-Lookup: NONE from <a href="http://gw.mylocalhost.fr:8080">gw.mylocalhost.fr:8080</a><br>Via: 1.1 <a href="http://gw.mylocalhost.fr">gw.mylocalhost.fr</a> (squid/3.3.8)<br>Connection: keep-alive<br><br><br>----------<br><br><br><br></div><div><br><br><br><br> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
<br>>Amos<br>
<br>
_______________________________________________<br>
squid-users mailing list<br>
<a href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br>
<a href="http://lists.squid-cache.org/listinfo/squid-users" rel="noreferrer" target="_blank">http://lists.squid-cache.org/listinfo/squid-users</a><br>
</blockquote></div><br></div></div>