Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Squid & ldap auth to edirectory

1 view
Skip to first unread message

Nick

unread,
Jul 20, 2004, 3:45:40 PM7/20/04
to
Hi, I've seen a number of tech notes, but I still can't get Squid to
authenticate users against edirectory via ldap. Can someone give me a
step by step guide for SuSE 8.2 and Edirectory 8.7? I can't even test
the connection using squid_ldap_auth program as I don't know what the
base and dn parameters should be.

Thanks in advance for any help......

Nick

--

Lee Garner

unread,
Jul 21, 2004, 9:58:56 AM7/21/04
to
Nick wrote:

I haven't used Squid (with directories, that is), but you can test with
"ldapsearch", part of OpenLDAP. It's probably installed, try "which
ldapsearch" or "find / -name ldapsearch" to find it. Once that works
and you verify that you can look up info from the directory you can
continue with Squid.

The base DN is usually "o=organization" for Novell. The DN you refer to
might be the LDAP proxy user.

Steven Bellamy

unread,
Jul 22, 2004, 10:59:43 AM7/22/04
to
This is what I have in my squid.conf file.
I use the LDAP Proxy User account, and created a group called 'Internet
Access'. I also downloaded the squid_ldap_auth binary from the
forge.novell.com website (search for squid)

auth_param basic program /usr/sbin/squid_ldap_auth -b o=<place
organisational unit info here..., LDAP will search below this
directory...> -u cn -s sub -D cn=LDAPProxyUserAccount,o=<place
organisational unit info here...>,ou=<place organisational unit info
here...> -f "(&(&objectClass=person) (cn=%s))
(groupMembership=cn=InternetAccess,o=<place organisational unit info
here>))" <IP-Address of the LDAP server>

auth_param basic children 5

auth_param basic realm Squid proxy-caching web server

This link was also helpful...
http://www.madriver.k12.oh.us/technology/whitepapers/squid-edirectory.pdf


Hope this helps...

"Nick" <ni...@dev.null> wrote in message
news:EDeLc.7275$gg....@prv-forum2.provo.novell.com...

0 new messages