[squid-users] LDAP related question.

Eliezer Croitoru eliezer at ngtech.co.il
Thu Jul 30 23:01:49 UTC 2015


I wanted to test the ext_ldap_group_acl so I created an LDAP domain.
The command I am testing is:
/usr/lib/squid3/ext_ldap_group_acl -b "DC=ngtech,DC=local" -D "CN=admin,DC=ngtech,DC=local" -w "password" -f "(&(objectclass=person)(sAMAccountName=%v)(memberof=CN=%a,DC=ngtech,DC=local))" -h 127.0.0.1

Now I have entered "user1 int" and it should, to my understanding, reply
with OK, but it returns ERR:
user1 int
ext_ldap_group_acl.cc(587): pid=27778 :Connected OK
ext_ldap_group_acl.cc(726): pid=27778 :group filter '(&(objectclass=person)(sAMAccountName=user1)(memberof=CN=int,DC=ngtech,DC=local))', searchbase 'DC=ngtech,DC=local'
ERR


Now the ldap structure is like this:
DC=ngtech, DC=local
-> CN=int
member-->user1
-> OU=users
--> CN=user1
(Not such a great painter.)

Since it works for others, I was wondering whether I am doing something
wrong, but I am unsure what.
I was thinking that maybe I am doing something wrong, but the next LDAP
search works:
  ldapsearch -h 127.0.0.1 -x -b "dc=ngtech,dc=local" "(cn=int)" memberUid
# extended LDIF
#
# LDAPv3
# base <dc=ngtech,dc=local> with scope subtree
# filter: (cn=int)
# requesting: memberUid
#

# int, ngtech.local
dn: cn=int,dc=ngtech,dc=local
memberUid: user1

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1


So I am wondering what might be the cause of the issue? Any ideas?

Eliezer
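
Added example, not part of the original post and not Squid's code: a small evaluator that expands %v and %a as the helper's debug line shows, then runs the posted filter against entries built from the ldapsearch output above. The user entry's attributes and the BY_MEMBERUID filter are assumptions made for illustration.

```python
# Added illustration: tiny LDAP filter evaluator (handles &, |, ! and equality only).
# Attribute names and values are compared case-insensitively, a simplification.

POSTED = "(&(objectclass=person)(sAMAccountName=%v)(memberof=CN=%a,DC=ngtech,DC=local))"
BY_MEMBERUID = "(&(cn=%a)(memberUid=%v))"  # hypothetical alternative, not from the post

# Constructed entries. The group entry mirrors the ldapsearch output in the post;
# the attributes of the user entry are assumed (the post does not list them).
DIRECTORY = [
    {"dn": ["cn=int,dc=ngtech,dc=local"], "cn": ["int"], "memberuid": ["user1"]},
    {"dn": ["cn=user1,ou=users,dc=ngtech,dc=local"],
     "objectclass": ["person"], "cn": ["user1"]},
]

def parse(f, i=0):
    """Parse the filter starting at f[i]; return (node, index after it)."""
    assert f[i] == "("
    i += 1
    if f[i] in "&|!":
        op, i, kids = f[i], i + 1, []
        while f[i] == "(":
            kid, i = parse(f, i)
            kids.append(kid)
        return (op, kids), i + 1              # step over the closing ')'
    end = f.index(")", i)
    attr, value = f[i:end].split("=", 1)      # the value may itself contain '='
    return ("=", attr.lower(), value.lower()), end + 1

def matches(node, entry):
    if node[0] == "=":
        return node[2] in entry.get(node[1], [])
    results = [matches(kid, entry) for kid in node[1]]
    return {"&": all, "|": any, "!": lambda r: not r[0]}[node[0]](results)

def search(template, user, group, entries=DIRECTORY):
    """Expand %v (user) and %a (group), return the DNs of matching entries."""
    tree, _ = parse(template.replace("%v", user).replace("%a", group))
    return [e["dn"][0] for e in entries if matches(tree, e)]

def helper_reply(template, user, group):
    """OK when the search returns at least one entry, otherwise ERR."""
    return "OK" if search(template, user, group) else "ERR"

if __name__ == "__main__":
    for name, flt in (("posted", POSTED), ("by memberUid", BY_MEMBERUID)):
        print(name, "->", helper_reply(flt, "user1", "int"))
```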


