[squid-users] Squid Cache: Version 3.5.16 and ext_ldap_group_acl
Thomas Elsäßer
elsaesser at animate.de
Tue Apr 12 08:36:25 UTC 2016
Dear all,
I call from Shell:
/usr/local/squid/libexec/ext_ldap_group_acl -d -R -b
"OU=UMW,DC=a,DC=b,DC=de" -D "XXXXXXX at a.b.DE" -w "XXXXXXX" \
-f
"(&(objectClass=person)(sAMAccountName=%v)(MemberOf=CN=%g,OU=DomLokaleGruppen,OU=Gruppen,OU=Benutzer,OU=Min-PRD,OU=XXX,DC=a,DC=b,DC=de))"
-h dc.a.b.de
I type:
username groupname
and the command return OK
If i configure this in squid:(same command how type in shell)
external_acl_type ldap_group %LOGIN
/usr/local/squid/libexec/ext_ldap_group_acl -d -R -b
"OU=UMW,DC=a,DC=b,DC=de" -D "XXXXXXX at a.b.DE" -w "XXXXXXX" \
-f
"(&(objectClass=person)(sAMAccountName=%v)(MemberOf=CN=%g,OU=DomLokaleGruppen,OU=Gruppen,OU=Benutzer,OU=Min-PRD,OU=XXX,DC=a,DC=b,DC=de))"
-h dc.a.b.de
And i trace the helper process, i can see that squid replace the %v with
username at a.b.de
So the helper give an ERR return to squid.
Where can i this configure , that passed variable is only the username ?
Thanks for help,
Thomas
More information about the squid-users
mailing list