[squid-users] problem with squid_ldap_auth

squid-list squid at visolve.com
Fri Oct 24 04:54:10 UTC 2014 

Hi,

I think the error is not with squid version, it might be the connection 
problem between proxy server and  LDAP server. Please, check the 
reachability of LDAP server from the proxy server and also Just check 
the DNS configuration whether you have correctly configured it in proxy 
server.

First, You can try the test connection to the LDAP sever from the 
terminal, if it succeed then you can modify the squid configuration. I 
have given a sample one, modify the domain and credentials according to 
your one and try.

         [root at test ~] #  /usr/lib64/squid/squid_ldap_auth -R -b 
"dc=test,dc=com" -D "CN=admin,DC=test,DC=com" -w "password" -f 
sAMAccountName=%s  -h 192.168.195.195
         username password
         OK

If you get the output "OK", then you have successfully tested the 
connection with the LDAP server. If you cannot establish the connection 
with LDAP server, then you will get the same error.

         [root at test ~] #  /usr/lib64/squid/squid_ldap_auth -R -b 
"dc=test,dc=com" -D "CN=admin,DC=test,DC=com" -w "password" -f 
sAMAccountName=%s  -h 192.168.195.195
         username password
         squid_ldap_auth: WARNING, could not bind to binddn 'Can't 
contact LDAP server'

Regards,
ViSolve Squid

On 10/24/2014 06:11 AM, Julie Xu wrote:
>
> Hi
>
> I have squid installed and trying to contact Ldap.
>
> Below command is working for older squid, but not new one and both 
> server are Redhat 6.5 (Santiago)
>
> auth_param basic program /usr/lib64/squid/squid_ldap_auth -b 
> ou=xx,dc=xx,dc=xx,dc=xx,dc=xx -f (&(cn=%s)(objectClass=*)) -u cn -s 
> sub -P -c 5 -t 5 -R -a never -D 
> cn=Lookup,ou=xx,dc=xx,dc=xx,dc=xx,dc=xx -w xxxxx mydomain
>
> error message is:
>
> squid_ldap_auth: WARNING, could not bind to binddn 'Can't contact LDAP 
> server'
>
> squid_ldap_auth: WARNING, could not bind to binddn 'Can't contact LDAP 
> server'
>
> squid_ldap_auth: WARNING, could not bind to binddn 'Can't contact LDAP 
> server'
>
> to stop type isse, I have scp the squid.conf from older one to new 
> one? And restart the squid; and also tried to copy firewall 
> configuration over to new box, in case some firewall issue. It is 
> still not help.
>
> Could any one advice me what is the possible issue related?
>
> Any comments will be appreciated
>
> Thanks in advance
>
> Julie
>
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20141024/95c9fb72/attachment-0001.html>

More information about the squid-users mailing list