[squid-users] Squid LDAP Auth ?

Olivier CALVANO o.calvano at gmail.com
Sat Feb 6 11:01:29 UTC 2016


Hi

i want configure Squid to use a Windows AD LDAP.

in commande line that work:


[root at gw squid]# ./basic_ldap_auth -R -b 'dc=mydomain,dc=fr' -f
'sAMAccountName=%s' -D 'cn=UserAdmin,ou=vpn,dc=mydomain,dc=fr' -w
'Pa77word' -t 3 -H 192.168.10.1
Test Goodpassword
OK
Test badpassword
ERR Success




but when i connect to squid, my browser request the login/pass all time
and in a logs i have:

basic_ldap_auth: WARNING, could not bind to binddn 'Invalid credentials'
2016/02/06 11:56:51.376 kid1| client_side.cc(1375) sendStartOfMessage: HTTP
Client local=192.168.10.1:8080 remote=192.168.10.100:60716 FD 18 flags=1
2016/02/06 11:56:51.376 kid1| client_side.cc(1376) sendStartOfMessage: HTTP
Client REPLY:
---------
HTTP/1.1 407 Proxy Authentication Required
Server: squid/3.3.8
Mime-Version: 1.0
Date: Sat, 06 Feb 2016 10:56:51 GMT
Content-Type: text/html
Content-Length: 3476
X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
Vary: Accept-Language
Content-Language: en
Proxy-Authenticate: Basic realm="MyTest"
X-Cache: MISS from gw.mylocalhost.fr
X-Cache-Lookup: NONE from gw.mylocalhost.fr:8080
Via: 1.1 gw.mylocalhost.fr (squid/3.3.8)
Connection: keep-alive



my squid.conf config:

auth_param basic program /usr/lib64/squid/basic_ldap_auth -R -b
'dc=mydomain,dc=fr' -f 'sAMAccountName=%s' -D
'cn=UserAdmin,ou=vpn,dc=mydomain,dc=fr' -w 'Pa77word' -t 3 -H 192.168.10.1
auth_param basic children 40 startup=5 idle=1
auth_param basic realm MyTest
auth_param basic credentialsttl 2 hours



a idea of my errors ?

thanks
Olivier
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160206/7fb703d5/attachment.html>


More information about the squid-users mailing list