Re: [squid-users] user authentication using multiple LDAP servers.
ons 2010-05-12 klockan 16:18 +0530 skrev Sagar:
> Is squid able to authenticate users from 2 different LDAP servers for
> company A & Company B. (ldap.companyA.com, ldap.companyB.com)
Yes, with a little simple glue.
This is best done if you can identify which company the user belongs to
based on his login name. And you MUST NOT have overlapping login names
where the same login name is used by both companies.
The following example glue in perl sends all logins beginning with a-f
to one LDAP server, the rest to another. Completely untested, but should
give you an idea.
#!/usr/bin/perl
$|=1;
open(LOGIN1,"|/usr/local/squid/libexec/squid_ldap_auth -b dc=example,dc=com -R
-f uid=%s XX.XX.XX.XX");
open(LOGIN2,"|/usr/local/squid/libexec/squid_ldap_auth -b dc=example,dc=net -R
-f uid=%s YY.YY.YY.YY");
while(<>) {
if (/^[a-f]/) {
print LOGIN1 $_;
} else if {
print LOGIN2 $_;
}
}
Re: [squid-users] user authentication using multiple LDAP servers.
2010/5/12 Sagar > > Hi All, > > We are two sister concern companies using one single infrastructure. > > We have 1 LDAP server (ldap.company.com) which is used for > authentication on squid proxy server. > > However we have 2 different user groups already in place for the two > companies. > > Going ahead we want to split the LDAP servers for the two companies, > and there would be only 1 squid proxy server and single internet > connectivity. > > Is squid able to authenticate users from 2 different LDAP servers for > company A & Company B. (ldap.companyA.com, ldap.companyB.com) > > > -- > Regards. > Sagar Navalkar. Hi. I had the same problem some time ago. Squid or squid_ldap_auth don't support multiple LDAP servers so I wrote. http://github.com/diegows/squid_multi_ldap There is a poor README there with the instructions. Let me know if you need something. Regards, Diego -- Diego Woitasen XTECH
