[squid-users] LDAP related question.
Eliezer Croitoru
eliezer at ngtech.co.il
Fri Jul 31 12:29:13 UTC 2015
I managed to make it work!
I am using ubuntu 14.04.2 with openLDAP and phpldapadmin.
I have changed my server to look like yours and it still didn't work.
So what I did was this: I changed the command to:
/usr/lib/squid3/ext_ldap_group_acl -d -b "dc=ngtech,dc=local" -D
"cn=admin,dc=ngtech,dc=local" -w password-f
"(&(objectClass=*)(memberUid=%u)(cn=%g))" -h 127.0.0.1
Which actually works great.
I enter:"user1 parents" and it says OK.
I have been reading that there might be a reason that memberOf will not
work as expected and was hoping someone here might know about it.
Thanks,
Eliezer
On 31/07/2015 12:45, Dan Purgert wrote:
> external_acl_type ldapgroup %LOGIN /usr/lib/squid3/ext_ldap_group_acl -b
> "ou=users,dc=example,dc=org" -D "cn=admin,dc=example,dc=org" -W
> /etc/squid3/pass.in -f
> (&(objectClass=*)(uid=%u)(memberof=cn=%g,ou=ldapGroups,dc=example,dc=org))
> -h ldap.example.org
>
> I was having trouble with the object class myself ... but the LDAP group
> is small (like 30 people, and nothing else like printers or anything),
> so having a "too big" objectClass base isn't the end of the world.
More information about the squid-users
mailing list