an: squid-users@lists.squid-cache.org
> Onderwerp: Re: [squid-users] squid_ldap_auth: WARNING, LDAP search error
> 'Referral'
>
> On 19/05/2016 12:25 a.m., Manduva, Ranga Sai wrote:
> > Hi,
> >
> > Does anyone had similar issue ?? Is there any workaround for it ?
> Somet
On 19/05/2016 12:25 a.m., Manduva, Ranga Sai wrote:
> Hi,
>
> Does anyone had similar issue ?? Is there any workaround for it ? Something
> like configure squid to follow referral etc..
>
Squid has nothing to do with those layers of operations. The closest it
gets is to pass the helper command
Hi,
Does anyone had similar issue ?? Is there any workaround for it ? Something
like configure squid to follow referral etc..
Thanks.
Regards,
Ranga
-Original Message-
From: Manduva, Ranga Sai
Sent: Monday, May 16, 2016 6:32 PM
To: 'squid-users@lists.squid-cache.org'
Hello,
I am receiving this error while authenticating a user with the AD and the
internet access is denied. I know there is a switch '-R' to explicitly enable
do not follow referrals which I am not using here.
Did anyone faced similar issue ? My AD is using nested groups between domains
where
Hi guys
Im trying to use squid with active directory 2008 R2 as an external
authentication
On DC called smart.ps
Create user squid and gave it delegation to the dc and put it also in the
group admins in the OU=proxy
Also create user with username a and pwd 11
Now on my linux box
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 16/12/2014 12:03 p.m., Ahmed Allzaeem wrote:
Hi guys
Im trying to use squid with active directory 2008 R2 as an
external authentication
On DC called smart.ps
Create user squid and gave it delegation to the dc and put it also
in the
I have several squids authenticating users using ldap_auth and it
works fine. Users are located on the 'Users' OU and my config lines are:
(single line)
auth_param basic program /usr/lib/squid/squid_ldap_auth -P -R -b
dc=myad,dc=domain -D cn=ProxyUser,cn=Users,dc=myad,dc=domain
-w
I got your point, I have to find out what group the user need to be
for this, I let u know asap.
Now that say:
The minimum necessary privileges for that one action and the user
account to remain usable may be changed by the AD authors without
warning between patches/servicepacks to AD, or you
Hi.
I setup squid to authenticate with windows 2008R2 AD native using
squid_ldap_auth
My question is regarding of the user we use in the flag binddn, all
the docs I had read just tell:
minimal privileges
I create a normal user, but squid_ldap_auth reject the user:
squid_ldap_auth: WARNING,
On 5/07/2013 4:57 p.m., Beto Moreno wrote:
Hi.
I setup squid to authenticate with windows 2008R2 AD native using
squid_ldap_auth
My question is regarding of the user we use in the flag binddn, all
the docs I had read just tell:
minimal privileges
I create a normal user, but squid_ldap_auth
On 4/04/2013 7:35 a.m., Pavel Bychykhin wrote:
According to the documentation, setting keep_alive to off makes
Squid more stable in some circumstances.
I'm using off for keep_alive - no problems.
03.04.2013 20:58, Alípio Luiz пишет:
I did a test setting the parameter keep_alive to off in
I had a similar problem solved it by running a two instance of Squid.
The first instance uses the negotiate_wrapper for GSSAPI and NTLM helpers.
The second one uses basic and digest schemes.
As i understand it, the fact is that the browsers themselves choose what kind
scheme to use.
I.e., one
I did a test setting the parameter keep_alive to off in auth_param
negotiate. It worked...
A question: Is there any problem on keeping the keep_alive parameter off?
2013/4/3 Pavel Bychykhin bychykhin@hts.kh.ua:
I had a similar problem solved it by running a two instance of Squid.
The first
According to the documentation, setting keep_alive to off makes Squid more
stable in some circumstances.
I'm using off for keep_alive - no problems.
03.04.2013 20:58, Alípio Luiz пишет:
I did a test setting the parameter keep_alive to off in auth_param
negotiate. It worked...
A question: Is
I have squid configured with kerberos (squid_kerb_auth) to
authenticate users against Active Directory. The SSO is working well
for users logged on domain...
For users out of domain, I configured squid_ldap_auth +
squid_ldap_group. However, the authentication only work after the
third try of
15.06.2012 4:51, Amos Jeffries пишет:
On 14/06/2012 11:25 p.m., Павел Бычихин wrote:
14.06.2012 13:11, Amos Jeffries пишет:
On 14/06/2012 7:57 p.m., Павел Бычихин wrote:
Hi!
Is it possible to use squid_ldap_auth with SASL/GSSAPI (My SQUID ver. is 3.1.19)
* LDAP is a database access
Hi!
Is it possible to use squid_ldap_auth with SASL/GSSAPI (My SQUID ver. is 3.1.19)
--
С уважением,
Павел Бычихин
КП ХТС
тел. (057) 758-84-12
On 14/06/2012 7:57 p.m., Павел Бычихин wrote:
Hi!
Is it possible to use squid_ldap_auth with SASL/GSSAPI (My SQUID ver.
is 3.1.19)
* LDAP is a database access protocol
* SASL is a framework layer.
* GSSAPI is a Windows function API.
One guess which squid_ldap_auth uses?
You want SASL you
14.06.2012 13:11, Amos Jeffries пишет:
On 14/06/2012 7:57 p.m., Павел Бычихин wrote:
Hi!
Is it possible to use squid_ldap_auth with SASL/GSSAPI (My SQUID ver. is 3.1.19)
* LDAP is a database access protocol
* SASL is a framework layer.
* GSSAPI is a Windows function API.
One guess which
On 14/06/2012 11:25 p.m., Павел Бычихин wrote:
14.06.2012 13:11, Amos Jeffries пишет:
On 14/06/2012 7:57 p.m., Павел Бычихин wrote:
Hi!
Is it possible to use squid_ldap_auth with SASL/GSSAPI (My SQUID
ver. is 3.1.19)
* LDAP is a database access protocol
* SASL is a framework layer.
*
On 19/04/2012 6:59 p.m., Beto Moreno wrote:
Hi people.
I had been reading info about squid_ldap_auth vs windows 2003 AD
server, I have some questions that would like to know if someone can
clear my brain.
squid 2.7.x.
Hi people.
I had been reading info about squid_ldap_auth vs windows 2003 AD
server, I have some questions that would like to know if someone can
clear my brain.
squid 2.7.x.
Went a user have special characters on his password, once the browser
open the credential window it won't accept the
On 10/03/11 00:04, Paul wrote:
In the last 24 hours I've started seeing thousands of requests to my
LDAP server being sent by the squid_ldap_auth helper. In my cache.log
I'm seeing hundreds of squid_ldap_auth: WARNING, LDAP search error
'Can't contact LDAP server' entries, interspersed with
The squid_ldap_auth: lines are coming from the helper. The problems
is exactly as stated, the LDAP server is not answering connection
requests.
The commBind: lines are from squid itself. Squid-2 always uses
bind(), even if there is no address being bound. That message
indicates
In the last 24 hours I've started seeing thousands of requests to my
LDAP server being sent by the squid_ldap_auth helper. In my cache.log
I'm seeing hundreds of squid_ldap_auth: WARNING, LDAP search error
'Can't contact LDAP server' entries, interspersed with 2011/03/09
10:49:29| commBind:
Hey all,
I have ldap authentication working in squid 3.1.3, and it works
wellexcept that the user has to authenticate everytime they open a
browser window. All the users are XP using IE. I have another squid (2.5)
instance running using NTLM and they only need to type in their credentials
Le mardi 4 mai 2010 14:10:00, burbankmarc a écrit :
Hey all,
I have ldap authentication working in squid 3.1.3, and it works
wellexcept that the user has to authenticate everytime they open a
browser window. All the users are XP using IE. I have another squid (2.5)
instance running
I configured our squid to authenticate with squid_ldap_auth
squid_ldap_group against an active-directory. With the parameter -h
[ip-address of domain-controller], I'm able to define one ore more of
our ldapservers (domain-controllers) for querying. But the setting
with the specified failover-dc
Hi,
I am using squid_ldap_auth. I am trying to integrate squid v2.6 stable21
with squid_ldap_auth for authentication with Microsoft AD.
Scenario :
Client username : jack
Microsoft AD Domain : foo
Basically internet explorer or other browser will automatically insert
Hi,
I am using squid_ldap_auth. I am trying to integrate squid v2.6 stable21
with squid_ldap_auth for authentication with Microsoft AD.
Scenario :
Client username : jack
Microsoft AD Domain : foo
Basically internet explorer or other browser will automatically insert
lör 2009-10-31 klockan 21:23 +0800 skrev Hendrik Suantio:
Basically internet explorer or other browser will automatically insert
username foo\jack and password the same as login password for the
authentication, but when I check with :
No it won't.
MSIE can perform authmatic NTLM
Benjamin Fleckenstein wrote:
Hi there,
I've tried to set up a connection from a Squid Proxy (Version 2.6.STABLE10) to
our AD Server (Windows 2003 Server). I've already tried several commands but
there always appears an error. I already checked different forums and manuals
but I don't get the
Hi there,
I've tried to set up a connection from a Squid Proxy (Version 2.6.STABLE10) to
our AD Server (Windows 2003 Server). I've already tried several commands but
there always appears an error. I already checked different forums and manuals
but I don't get the connection to work.
For
Hi all,
I'm unable to get squid_ldap_auth to do anything against my LDAP
source which is a Windows 2003 native mode domain controller. Here's
my latest iteration of failed attempts, although I have also tried
many variations of the below.
/usr/lib64/squid/squid_ldap_auth \
-b dc=corp,dc=ads \
-h
Mariano Aller wrote:
Im trying to autheticate and authorize users of MS active directory
(Win2003) with squid_ldap_auth and squid_ldap_group , it’s work fine but I
have some users (ie muñoa, peña) that can’t. Its possible ?
Squid has problems with non-us-ASCII characters in usernames.
Amos
Amos
Has problems or dosnt support it ?
Mariano.
Mariano Aller wrote:
Amos
Has problems or dosnt support it ?
Mariano.
Problems.
Maybe these will help you track the issue down:
http://www.squid-cache.org/mail-archive/squid-users/200407/0845.html
Or there is a patch if it turns out to be the charset problem:
Thanks Amos.
-Mensaje original-
De: Amos Jeffries [mailto:squ...@treenet.co.nz]
Enviado el: viernes, 27 de febrero de 2009 10:13 a.m.
Para: Mariano Aller
CC: squid-users@squid-cache.org
Asunto: Re: [squid-users] squid_ldap_auth question
Mariano Aller wrote:
Amos
Has problems
CC: squid-users@squid-cache.org
Asunto: Re: [squid-users] squid_ldap_auth question
Mariano Aller wrote:
Amos
Has problems or dosnt support it ?
Mariano.
Problems.
Maybe these will help you track the issue down:
http://www.squid-cache.org/mail-archive/squid-users/200407/0845.html
a.m.
Para: Mariano Aller
CC: squid-users@squid-cache.org
Asunto: Re: [squid-users] squid_ldap_auth question
Mariano Aller wrote:
Amos
Has problems or dosnt support it ?
Mariano.
Problems.
Maybe these will help you track the issue down:
http://www.squid-cache.org/mail-archive/squid-users
Im trying to autheticate and authorize users of MS active directory
(Win2003) with squid_ldap_auth and squid_ldap_group , its work fine but I
have some users (ie muñoa, peña) that cant. Its possible ?
Thanks.
Mariano.
Henrik,
I have tried LDAP authentication in the past and stop using it becouse
of the passwords being sent in clear text. I read about TLS but then I
would need my DC to be a CA and that is not feasible at the moment. So
Im testing NTLMSSP now, but is not being very stable and also read
that is
On fre, 2008-11-14 at 10:31 -0600, Johnson, S wrote:
I just got the squid_ldap_auth working ok on my segment but when
watching the protocol analyzer I see that the auth requests against the
AD are coming in as clear text passwords. Is there anyway we can
encrypt the ldap domain requests?
By
Since this is going to be a public network, people will have the
ability to load wireshark or another sniffer program.
I just got the squid_ldap_auth working ok on my segment but when
watching the protocol analyzer I see that the auth requests against the
AD are coming in as clear text
Johnson, S wrote:
Since this is going to be a public network, people will have the
ability to load wireshark or another sniffer program.
Ah, okay.
I just got the squid_ldap_auth working ok on my segment but when
watching the protocol analyzer I see that the auth requests against the
AD are
i get the following error
[EMAIL PROTECTED] ~]# /usr/lib/squid/squid_ldap_auth -b
ou=people,dc=cbsl,dc=lk
-f uid=%s -d
gayanku cbsl
user filter 'uid=gayanku', searchbase 'ou=people,dc=cbsl,dc=lk'
squid_ldap_auth: ../../../libraries/libldap/search.c:189: ldap_search:
Assertion `ld != ((void
Hello,
The squid_ldap_auth man page says you can specify LDAP servers at the
end of the command line. If I specify more than one server would the
first one be queried first and then the second one queried if the query
to the first server times out? I basically would like to specify a
failover
Klaubert Herr da Silveira-2 wrote:
Andrew,
by my quick research the group Domain Users are a special group, and
are not a good group do this job, maybe is better to use other group
where you turn all users members off it.
To include a check of group you should use a ldap filter in
But I have restructured AD2003. And groups changed to organization unit. I
changed my message on the nabble.com.
I have my users:
in a OU=Unibel, user=unibel and
in a default container 'Users' user=squidtest.
Authentication for users in the 'Users' container works well:
./squid_ldap_auth -u
Andrew,
by my quick research the group Domain Users are a special group, and
are not a good group do this job, maybe is better to use other group
where you turn all users members off it.
To include a check of group you should use a ldap filter in your
request, something like this:
-f
On fre, 2007-09-21 at 17:23 +0100, Darren Durbin wrote:
I'm using the following in the squid.conf (edited to remove site info) :
auth_param basic program /usr/lib/squid/squid_ldap_auth -f
SamAccountName=%s -d -b dc=company,dc=co,dc=uk -D
cn=,cn=Users,dc=company,dc=co,dc=uk -P -w
Hello,
I'm trying to get Squid 2.6.STABLE13 from FC6 to authenticate against a
Windows 2003 Active Directory Domain but I'm getting the following error
squid_ldap_auth: WARNING, could not bind to binddn 'Can't contact LDAP
server'
I'm using the following in the squid.conf (edited to remove site
Hi, Henrik.
Henrik Nordstrom wrote:
2) the RFC rfc2254 defined the excaping of the characeters. it doesnt
say that spaces need to be escaped, but, since squid_ldap_group doesn't
accept neither quotes nor doublequotes, I tried to use RFC2254 escaping
when using squid_ldap_group from shell.
Hi.
I'm, trying to replace 'ntlm_auth' helper with
'--require-membership-of=' key due to the growing compexity of squid
acls in case of using different authentication schemes simultaneously.
I'm authenticating Active Directory users in AD domain, plus I use the
AD to grant access based on
mån 2007-03-05 klockan 16:35 +0500 skrev Eugene M. Zheganin:
I have read about the squid_ldap_group and decided to use it, because it
restores the config management scheme back to its base. I successfully
created and set up all the needed acls, removed the blocking acls and
start using
tis 2006-12-19 klockan 16:07 +0100 skrev [EMAIL PROTECTED]:
I'm using squid_ldap_auth to authenticate against our LDAP server.
Our LDAP server accepts only ldaps (port 636) and anonymouse simple bind is
disabled.
And now my problem... squid_ldap_auth doesn't work:
$ echo user password |
Hello squid-users,
hello Henrik,
I'm using squid_ldap_auth to authenticate against our LDAP server.
Our LDAP server accepts only ldaps (port 636) and anonymouse simple bind is
disabled.
I've copied the certificate of the LDAP server to the squid cache and
configured it in /etc/ldap/ldap.conf:
Yes, that's it. Now I will try to understand it.
Thank you.
Marcelo Koehler
Wed, 25 Oct 2006 16:35:17 +0200, Mark Elsen [EMAIL PROTECTED] escreveu:
http_access allow internalnet
http_access allow domainusers
...
Try :
http_access allow internalnet domainusers
(don't forget
Yes, that's it. Now I will try to understand it.
http_access rules are acknowledged on a first match basis,
therefore you must write an AND(ed) condition, stating
the both conditions must be met :
http_access allow internal_net domainusers
M.
http_access allow internalnet
http_access allow domainusers
...
Try :
http_access allow internalnet domainusers
(don't forget 'squid -k reconfigure')
M.
mån 2006-07-31 klockan 11:18 -0600 skrev sOngUs:
squid_ldap_auth -R -b cn=users,dc=mydomain,dc=com -D
cn=administrator,cn=Users,dc=mydomain,dc=com -w mypassword -f
sAMAccountName=%s -h 192.168.0.1 (which is the IP address of the AD
server.)
But then id does nothing and if i press ENTER i
632 1708
-Original Message-
From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Sent: 01 August, 2006 08:30
To: sOngUs
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] squid_ldap_auth to authtenticate on Active Directory
2000
mån 2006-07-31 klockan 11:18 -0600 skrev sOngUs
Hello list, this is the first time i post here, so i hope im posting
in the right place.
Im having difficulties to setup authentification with the squid module
squid_ldap_auth
im using squid-2.6.0 ,on a slackware box, trying to test with the line:
squid_ldap_auth -R -b
Hi all,
Problem solved :)
There were two problems:
1. You MUST use -v 3 as option for squid_ldap_auth
2. My search filter was wrong
Now all works great!
Best regards,
Chris
___
SMS schreiben mit WEB.DE FreeMail - einfach, schnell
Hello all,
i have a problem with the squid_ldap_auth helpers. I'm trying to authenticate
against an Active Directory (W3K). For the following command this works fine:
./squid_ldap_auth -b ou=myOU,dc=foo,dc=domain,dc=com -s sub -D [EMAIL
PROTECTED] -w squidpwd -f
No, it does not work without an ou-part (what I had tried before):
/usr/local/squid/libexec/squid_ldap_auth \
-h ldapserver \
-D cn=adminaccount,ou=Service
Accounts,ou=_SiteMgmt,ou=BNN,ou=DE,dc=emea,dc=company,dc=com \
-w topsecret \
-b
mån 2006-03-13 klockan 09:27 +0100 skrev [EMAIL PROTECTED]:
No, it does not work without an ou-part (what I had tried before):
/usr/local/squid/libexec/squid_ldap_auth \
-h ldapserver \
-D cn=adminaccount,ou=Service
Subject: AW: [squid-users] squid_ldap_auth and filters
No, it does not work without an ou-part (what I had tried before):
/usr/local/squid/libexec/squid_ldap_auth \
-h ldapserver \
-D cn=adminaccount,ou=Service
Accounts,ou=_SiteMgmt,ou=BNN,ou=DE,dc=emea,dc=company,dc=com
squid_ldap_auth (of Squid 2.5 Stable 12) works fine with this script:
/usr/local/squid/libexec/squid_ldap_auth \
-h ldapserver \
-D cn=adminaccount,ou=Service
Accounts,ou=_SiteMgmt,ou=BNN,ou=DE,dc=emea,dc=company,dc=com \
-w topsecret \
-b ou=DE,dc=emea,company,dc=com \
fre 2006-03-10 klockan 12:27 +0100 skrev [EMAIL PROTECTED]:
squid_ldap_auth (of Squid 2.5 Stable 12) works fine with this script:
/usr/local/squid/libexec/squid_ldap_auth \
-h ldapserver \
-D cn=adminaccount,ou=Service
Has anybody come across this problem of getting Squid_ldap_auth to get
users off of a NDS ldap server? ldapsearch can connect to it fine, and I
can see the users, but when I use it to auth with squid. It gives me a
ERR Success message. Also, do you know where or how I can turn the logs
on to
Has anybody come across this problem of getting Squid_ldap_auth to get
users off of a NDS ldap server? ldapsearch can connect to it fine, and I
can see the users, but when I use it to auth with squid. It gives me a
ERR Success message. Also, do you know where or how I can turn the logs
on to
Hi All,
Anybody could help with squid_ldap_auth usage examples?
Say, I'd like to athenticate users belogning to the group Internet in
DC=domain, DC=com, OU=Users (Microsoft AD)
Thanks a lot!
Alex
-
The information
On Fri, 13 Jan 2006, Meyerovich Aleksandr EB_NY wrote:
Anybody could help with squid_ldap_auth usage examples?
There is several in the man page.
Say, I'd like to athenticate users belogning to the group Internet in
DC=domain, DC=com, OU=Users (Microsoft AD)
Then you probably should
Is there anyway to have these auth helpers use more than one domain
controller for lookups so that if one ldap server doesn't respond it tries
another?
Thanks,
Colin Farley
-cache.org
cc
Subject
Re: [squid-users
Hi,
At 16.32 10/11/2005, Colin Farley wrote:
Thanks for the reply. I had a look at the article and I don't think that
it explains my situation. My squid_ldap_auth command points to a squid
user and supplies a password so I am not doing anonymous searches. I think
the fact that it works when
We have a few production squid proxy servers running various STABLE
versions of squid 2.5 and are encountering some issues as we upgrade our
Domain controllers from windows 2000 to windows 2003. The proxy servers
query the LDAP directory for user access control. Ideally, we would like
all
Hi,
At 22.25 09/11/2005, Colin Farley wrote:
So, it seems that Windows 2003 domain
controllers have added security that stops searches beginning from the base
of the domain and searches must start within an ou. Has anyone encountered
this? Are there any fixes that anyone is aware of? Any
: [squid-users] squid_ldap_auth from shell
On Fri, 21 Oct 2005, John Halfpenny wrote:brbr My basic authenticator
works fine, in the formbrbr /usr/lib/squid/squid_ldap_auth -b
ou=Users,dc=my,dc=domainbr myname mypasswordbr OKbrbrOk.brbr I
have noticed that my LDAP group doesn't have a 'member
On Fri, 21 Oct 2005, John Halfpenny wrote:
My basic authenticator works fine, in the form
/usr/lib/squid/squid_ldap_auth -b ou=Users,dc=my,dc=domain
myname mypassword
OK
Ok.
I have noticed that my LDAP group doesn't have a 'member' attribute, but it
does have 'memberUid'. On my
Hi Everyone,
Hope you can help. I'm trying to set up LDAP authentication based on group
membership on a Linux Server running squid 10 stable 11.
I've read from the archives that it is a two stage process, and presently the
group membership from the bash prompt is giving me a bit of a
Hello,
I have a Squid 2.5stable10 running with LDAP_Auth and ldap Group
authentication, running against one of our Domain Controllers
Everything is fine so far, and (allmost) everyone can surf the internet.
BUT:
A few users get an ERR success Message when executing the squid_ldap_auth
script
On Sat, 6 Aug 2005, c.s.r.c.murthy wrote:
Dears all,
Has anybody tried and successful in compiling squid_ldap_auth with
option -DNETSCAPE_SSL ?. When I do it, I get following errors
Do you have the Netscape LDAP API?
Have you told the compiler where to find this API libraries and
Dears all,
Has anybody tried and successful in compiling squid_ldap_auth with
option -DNETSCAPE_SSL ?. When I do it, I get following errors
squid_ldap_auth.o: In function `main':
/usr/local/downloads/squid-2.5.STABLE6/helpers/basic_auth/LDAP/squid_ldap_auth.c:424:
undefined reference to
hello,
i try to test the auth_param_basic option in the squid.conf on the
commandline but got problem configuring the search filter.
the users who gain access to the www, should enter the sAMAccountName and
the password stored in the ad-tree. i use this command but get always an
error after
I have checked the nsswitch.conf and hosts are in the
same order.
Yes I am able to ping the ADS servers with their FQDN
when the DNS is down but not to any other PCs
Regards
Babs
--- it clown [EMAIL PROTECTED] wrote:
look at your nsswitch.conf.
hosts: files dns
If you add that to
Interestingly Henrik , I have added those ADS servers
IPs in /etc/hosts when i setup the proxy and still I
dont know why this happend. Anything you want me to
check it up?
Regards
Babs
--- Henrik Nordstrom [EMAIL PROTECTED] wrote:
On Thu, 21 Apr 2005, Babs wrote:
Hi
As the linuxbox
Okei Thats looks to be the reason for this auth
failure. Thanks a lot for this info Micheal.
thanx regards
Babs
--- Michael Wray [EMAIL PROTECTED] wrote:
That's because the authenticators need to verify
WHERE to authenticate via
dns...so the look for the special SRV entries that
AD has for
look at your nsswitch.conf.
hosts: files dns
If you add that to nsswitch.conf it will first look at your
/etc/hosts file and then dns. Make sure you have your AD pc
in /etc/hosts.
to be able to connect to AD you need dns to resolv its
name. Can you ping any pc on network with its FQDN when
On Sat, 23 Apr 2005, Babs wrote:
Interestingly Henrik , I have added those ADS servers
IPs in /etc/hosts when i setup the proxy and still I
dont know why this happend. Anything you want me to
check it up?
next time, check if you can reach the ADS servers using ldapsearch.
Regards
Henrik
Hi
As the linuxbox access the Win2K box running ADS for
getting the user authenticated using squid_ldap_auth,
when the machine running DNS goes down linuxbox is
not able to reach the Win2K box running ADS I suppose.
As soon as the DNS system came back to life
authentication is working fine.
That's because the authenticators need to verify WHERE to authenticate via
dns...so the look for the special SRV entries that AD has for _kerberos and
_ldap, if he can't get a response on those entries, then it is assumed that
they are unreachable.
On Thursday 21 April 2005 10:21 am, Babs
On Thu, 21 Apr 2005, Babs wrote:
Hi
As the linuxbox access the Win2K box running ADS for
getting the user authenticated using squid_ldap_auth,
when the machine running DNS goes down linuxbox is
not able to reach the Win2K box running ADS I suppose.
As soon as the DNS system came back to life
Hi
I am facing the same problem once again, the
authentication from the browser appears repeatedly and
gives a authentication error. cache.log reports
Squid_Ldap_Auth error: Cant Contact LDAP Server.
This time I made sure things are fine with Msbox and
with a nmap, I could see the ldap ports in
Hi All!
At last I found out whats causing this trouble. It is
my DNS was causing this whole problem. If you get this
error make sure your DNS is working properly. Even
though I had specified the servers in hosts file still
somehow it was using my DNS which was pointing outside
my network. I
On Wed, 13 Apr 2005 [EMAIL PROTECTED] wrote:
Everything is working fine without SSL encryption.
Good.
Now i want to aktivate the TLS option for the squid_ldap_auth. When i add
the option -Z ( and -v 3 ) i will reveive the message Could not Activate
TLS connection.
TLS is working with our
Hello,
we are using SuSE SLES9 with Squid Cache: Version 2.5.STABLE5.
We are using LDAP authentication with novell netware edirectory.
Everything is working fine without SSL encryption.
Now i want to aktivate the TLS option for the squid_ldap_auth. When i add
the option -Z ( and -v 3 ) i
- Check whether the LDAP server is running on the
MS-AD box.
* Check eventvwr , watchout for system or app.
errors.
- Verify further by contacting the LDAP server
manually from the squid box.
squidhost % telnet ms-ads_host 443
Should at least establish a
Yup I did that and I am able telnet to the MS-ADS port
in the server.
I ran a nmap and I could see the ports listed on the
MS box. I rebooted the ms-box and It looks be this are
fine so I am suspecting the ms-box doing something
fishy, but I am getting nervous again as I got around
50
1 - 100 of 214 matches
Mail list logo
