Re: [squid-users] [Fwd: Regarding Ldap+Squid]

2005-05-27 Thread Henrik Nordstrom 



On Thu, 26 May 2005, Sunil S wrote:



Helo Selvam,

1. I use auth param as below:

auth_param basic program /d2/sw/squid-3.0/libexec/squid_ldap_auth -u CN
-b CN=Users,DC=my,DC=company,DC=co,DC=in -h server_ip


Looks reasonable if you have a flat tree of users (all in the Users 
container) and use the full name as login name to the proxy.


For more advanced situations a search filter is required. See the 
squid_ldap_auth manual (shipped with Squid).



2. There should be a netlogon share on your domain controller
(server_ip in the above case) with a file named proxyauth and that
file should contain just one word allow inside it.


This is only required by the the smb_auth helper, not squid_ldap_auth.

Regards
Henrik

Re: [squid-users] [Fwd: Regarding Ldap+Squid]

2005-05-26 Thread Sunil S 

Helo Selvam,

1. I use auth param as below:

auth_param basic program /d2/sw/squid-3.0/libexec/squid_ldap_auth -u CN
-b CN=Users,DC=my,DC=company,DC=co,DC=in -h server_ip

2. There should be a netlogon share on your domain controller
(server_ip in the above case) with a file named proxyauth and that
file should contain just one word allow inside it.

This combination works for me.  Replace what is relevant for you.

Regards

Sunil




 Selvam E. [EMAIL PROTECTED] 05/23/05 1:06 PM 
 Original Message

Subject: [Fwd: Regarding Ldap+Squid]
From:Selvam E. [EMAIL PROTECTED]
Date:Mon, May 23, 2005 12:33 pm
To:  squid-users@squid-cache.org 
--

 Original Message

Subject: Regarding Ldap+Squid
From:Selvam E. [EMAIL PROTECTED]
Date:Mon, May 23, 2005 12:21 pm
To:  squid-users@squid-cache.org 
Cc:  Henrik Nordstrom [EMAIL PROTECTED]
--

Hi,

I am configure squid.conf with following setting for ldap
authentication.

auth_param basic program /usr/lib/squid/squid_ldap_auth -b
dc=quest,dc=com -D 'cn=Manager,dc=quest,dc=com' -w z -h 192.168.1.1
#auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/password
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off


acl mynet proxy_auth REQUIRED
acl badDomains dstdomain /etc/squid/baddomains
acl badIPs dst /etc/squid/badips


http_access allow localhost
deny_info ERR_BAD_DOMAIN badDomains
deny_info ERR_BAD_DOMAIN badIPs
http_access deny badDomains
http_access deny badIPs
#http_access allow mynet
#http_access deny all
http_access allow all


but iam unable to get authentication from LDAP.

Please help me.

Regards,

Selvam E.
Linux Administrator,
First Advantage Quest Research
Mumbai
Malad (W)
India












This e-mail message is only to be used by intended recipients and all others 
may kindly
delete it and notify the sender. Unless expressly authorized by HPCL, the views
expressed and the message itself is that of the individual sender and 
recipients are
cautioned to check messages/ attachments for any viruses before use. Users
acknowledge that messages may contain confidential, proprietary or privileged
information and that HPCL neither assures nor guarantees integrity or content of
messages.

[squid-users] [Fwd: Regarding Ldap+Squid]

2005-05-23 Thread Selvam E. 
 Original Message 
Subject: [Fwd: Regarding Ldap+Squid]
From:Selvam E. [EMAIL PROTECTED]
Date:Mon, May 23, 2005 12:33 pm
To:  squid-users@squid-cache.org
--

 Original Message 
Subject: Regarding Ldap+Squid
From:Selvam E. [EMAIL PROTECTED]
Date:Mon, May 23, 2005 12:21 pm
To:  squid-users@squid-cache.org
Cc:  Henrik Nordstrom [EMAIL PROTECTED]
--

Hi,

I am configure squid.conf with following setting for ldap authentication.

auth_param basic program /usr/lib/squid/squid_ldap_auth -b
dc=quest,dc=com -D 'cn=Manager,dc=quest,dc=com' -w z -h 192.168.1.1
#auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/password
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off


acl mynet proxy_auth REQUIRED
acl badDomains dstdomain /etc/squid/baddomains
acl badIPs dst /etc/squid/badips


http_access allow localhost
deny_info ERR_BAD_DOMAIN badDomains
deny_info ERR_BAD_DOMAIN badIPs
http_access deny badDomains
http_access deny badIPs
#http_access allow mynet
#http_access deny all
http_access allow all


but iam unable to get authentication from LDAP.

Please help me.

Regards,

Selvam E.
Linux Administrator,
First Advantage Quest Research
Mumbai
Malad (W)
India