I got your point, I have to find out what group the user need to be
for this, I let u know asap.
Now that say:
"The minimum necessary privileges for that one action and the user
account to remain usable may be changed by the AD authors without
warning between patches/servicepacks to AD, or you ma
On 5/07/2013 4:57 p.m., Beto Moreno wrote:
Hi.
I setup squid to authenticate with windows 2008R2 AD native using
squid_ldap_auth
My question is regarding of the user we use in the flag binddn, all
the docs I had read just tell:
"minimal privileges"
I create a normal user, but squid_ldap_auth
Hi.
I setup squid to authenticate with windows 2008R2 AD native using
squid_ldap_auth
My question is regarding of the user we use in the flag binddn, all
the docs I had read just tell:
"minimal privileges"
I create a normal user, but squid_ldap_auth reject the user:
squid_ldap_auth: WARNING,
On 4/04/2013 7:35 a.m., Pavel Bychykhin wrote:
According to the documentation, setting keep_alive to "off" makes
Squid more stable in some circumstances.
I'm using "off" for keep_alive - no problems.
03.04.2013 20:58, Alípio Luiz пишет:
I did a test setting the parameter keep_alive to off in a
According to the documentation, setting keep_alive to "off" makes Squid more
stable in some circumstances.
I'm using "off" for keep_alive - no problems.
03.04.2013 20:58, Alípio Luiz пишет:
I did a test setting the parameter keep_alive to off in auth_param
negotiate. It worked...
A question: Is
I did a test setting the parameter keep_alive to off in auth_param
negotiate. It worked...
A question: Is there any problem on keeping the keep_alive parameter off?
2013/4/3 Pavel Bychykhin :
> I had a similar problem solved it by running a two instance of Squid.
> The first instance uses the nego
I had a similar problem solved it by running a two instance of Squid.
The first instance uses the negotiate_wrapper for GSSAPI and NTLM helpers.
The second one uses basic and digest schemes.
As i understand it, the fact is that the browsers themselves choose what kind
scheme to use.
I.e., one bro
I have squid configured with kerberos (squid_kerb_auth) to
authenticate users against Active Directory. The SSO is working well
for users logged on domain...
For users out of domain, I configured squid_ldap_auth +
squid_ldap_group. However, the authentication only work after the
third try of user.
15.06.2012 4:51, Amos Jeffries пишет:
On 14/06/2012 11:25 p.m., Павел Бычихин wrote:
14.06.2012 13:11, Amos Jeffries пишет:
On 14/06/2012 7:57 p.m., Павел Бычихин wrote:
Hi!
Is it possible to use squid_ldap_auth with SASL/GSSAPI (My SQUID ver. is 3.1.19)
* LDAP is a database access proto
On 14/06/2012 11:25 p.m., Павел Бычихин wrote:
14.06.2012 13:11, Amos Jeffries пишет:
On 14/06/2012 7:57 p.m., Павел Бычихин wrote:
Hi!
Is it possible to use squid_ldap_auth with SASL/GSSAPI (My SQUID
ver. is 3.1.19)
* LDAP is a database access protocol
* SASL is a framework layer.
* GSSA
14.06.2012 13:11, Amos Jeffries пишет:
On 14/06/2012 7:57 p.m., Павел Бычихин wrote:
Hi!
Is it possible to use squid_ldap_auth with SASL/GSSAPI (My SQUID ver. is 3.1.19)
* LDAP is a database access protocol
* SASL is a framework layer.
* GSSAPI is a Windows function API.
One guess which squ
On 14/06/2012 7:57 p.m., Павел Бычихин wrote:
Hi!
Is it possible to use squid_ldap_auth with SASL/GSSAPI (My SQUID ver.
is 3.1.19)
* LDAP is a database access protocol
* SASL is a framework layer.
* GSSAPI is a Windows function API.
One guess which squid_ldap_auth uses?
You want SASL you
Hi!
Is it possible to use squid_ldap_auth with SASL/GSSAPI (My SQUID ver. is 3.1.19)
--
С уважением,
Павел Бычихин
КП "ХТС"
тел. (057) 758-84-12
On 19/04/2012 6:59 p.m., Beto Moreno wrote:
Hi people.
I had been reading info about squid_ldap_auth vs windows 2003 AD
server, I have some questions that would like to know if someone can
clear my brain.
squid 2.7.x.
http://www.squid-cache.org/Versions/v2/2.HEAD/manuals/squid_ldap_auth
Hi people.
I had been reading info about squid_ldap_auth vs windows 2003 AD
server, I have some questions that would like to know if someone can
clear my brain.
squid 2.7.x.
Went a user have special characters on his password, once the browser
open the credential window it won't accept the u
>
> > The "squid_ldap_auth:" lines are coming from the helper. The problems
> > is exactly as stated, the LDAP server is not answering connection
> > requests.
> >
> > The "commBind:" lines are from squid itself. Squid-2 always uses
> > bind(), even if there is no address being bound. That message
On 10/03/11 00:04, Paul wrote:
In the last 24 hours I've started seeing thousands of requests to my
LDAP server being sent by the squid_ldap_auth helper. In my cache.log
I'm seeing hundreds of "squid_ldap_auth: WARNING, LDAP search error
'Can't contact LDAP server'" entries, interspersed with "2
In the last 24 hours I've started seeing thousands of requests to my
LDAP server being sent by the squid_ldap_auth helper. In my cache.log
I'm seeing hundreds of "squid_ldap_auth: WARNING, LDAP search error
'Can't contact LDAP server'" entries, interspersed with "2011/03/09
10:49:29| commBind: Can
Le mardi 4 mai 2010 14:10:00, burbankmarc a écrit :
> Hey all,
>
> I have ldap authentication working in squid 3.1.3, and it works
> wellexcept that the user has to authenticate everytime they open a
> browser window. All the users are XP using IE. I have another squid (2.5)
> instance running
Hey all,
I have ldap authentication working in squid 3.1.3, and it works
wellexcept that the user has to authenticate everytime they open a
browser window. All the users are XP using IE. I have another squid (2.5)
instance running using NTLM and they only need to type in their credentials
whe
I configured our squid to authenticate with squid_ldap_auth &
squid_ldap_group against an active-directory. With the parameter "-h
[ip-address of domain-controller], I'm able to define one ore more of
our ldapservers (domain-controllers) for querying. But the setting
with the specified failover-dc
lör 2009-10-31 klockan 21:23 +0800 skrev Hendrik Suantio:
> Basically internet explorer or other browser will automatically insert
> username "foo\jack" and password the same as login password for the
> authentication, but when I check with :
No it won't.
MSIE can perform authmatic NTLM authenti
Hi,
I am using squid_ldap_auth. I am trying to integrate squid v2.6 stable21
with squid_ldap_auth for authentication with Microsoft AD.
Scenario :
Client username : jack
Microsoft AD Domain : foo
Basically internet explorer or other browser will automatically insert
usernam
Hi,
I am using squid_ldap_auth. I am trying to integrate squid v2.6 stable21
with squid_ldap_auth for authentication with Microsoft AD.
Scenario :
Client username : jack
Microsoft AD Domain : foo
Basically internet explorer or other browser will automatically insert
usernam
Benjamin Fleckenstein wrote:
Hi there,
I've tried to set up a connection from a Squid Proxy (Version 2.6.STABLE10) to
our AD Server (Windows 2003 Server). I've already tried several commands but
there always appears an error. I already checked different forums and manuals
but I don't get the
Hi there,
I've tried to set up a connection from a Squid Proxy (Version 2.6.STABLE10) to
our AD Server (Windows 2003 Server). I've already tried several commands but
there always appears an error. I already checked different forums and manuals
but I don't get the connection to work.
For testi
Hi all,
I'm unable to get squid_ldap_auth to do anything against my LDAP
source which is a Windows 2003 native mode domain controller. Here's
my latest iteration of failed attempts, although I have also tried
many variations of the below.
/usr/lib64/squid/squid_ldap_auth \
-b "dc=corp,dc=ads" \
-
09 10:13 a.m.
Para: Mariano Aller
CC: squid-users@squid-cache.org
Asunto: Re: [squid-users] squid_ldap_auth question
Mariano Aller wrote:
Amos
Has problems or dosnt support it ?
Mariano.
Problems.
Maybe these will help you track the issue down:
http://www.squid-cache.org/mail-archive/squid-use
.
Para: Mariano Aller
CC: squid-users@squid-cache.org
Asunto: Re: [squid-users] squid_ldap_auth question
Mariano Aller wrote:
>> Amos
> > Has problems or dosnt support it ?
>
>> Mariano.
>
>Problems.
>Maybe these will help you track the issue down:
>http://ww
Thanks Amos.
-Mensaje original-
De: Amos Jeffries [mailto:squ...@treenet.co.nz]
Enviado el: viernes, 27 de febrero de 2009 10:13 a.m.
Para: Mariano Aller
CC: squid-users@squid-cache.org
Asunto: Re: [squid-users] squid_ldap_auth question
Mariano Aller wrote:
> Amos
> Has pr
Mariano Aller wrote:
Amos
Has problems or dosnt support it ?
Mariano.
Problems.
Maybe these will help you track the issue down:
http://www.squid-cache.org/mail-archive/squid-users/200407/0845.html
Or there is a patch if it turns out to be the charset problem:
http://www.squid-cache.org/V
Amos
Has problems or dosnt support it ?
Mariano.
Mariano Aller wrote:
Im trying to autheticate and authorize users of MS active directory
(Win2003) with squid_ldap_auth and squid_ldap_group , it’s work fine but I
have some users (ie muñoa, peña) that can’t. Its possible ?
Squid has problems with non-us-ASCII characters in usernames.
Amos
Im trying to autheticate and authorize users of MS active directory
(Win2003) with squid_ldap_auth and squid_ldap_group , its work fine but I
have some users (ie muñoa, peña) that cant. Its possible ?
Thanks.
Mariano.
Henrik,
I have tried LDAP authentication in the past and stop using it becouse
of the passwords being sent in clear text. I read about TLS but then I
would need my DC to be a CA and that is not feasible at the moment. So
Im testing NTLMSSP now, but is not being very stable and also read
that is no
On fre, 2008-11-14 at 10:31 -0600, Johnson, S wrote:
> I just got the squid_ldap_auth working ok on my segment but when
> watching the protocol analyzer I see that the auth requests against the
> AD are coming in as clear text passwords. Is there anyway we can
> encrypt the ldap domain requests?
Johnson, S wrote:
Since this is going to be a "public" network, people will have the
ability to load wireshark or another sniffer program.
Ah, okay.
I just got the squid_ldap_auth working ok on my segment but when
watching the protocol analyzer I see that the auth requests against the
AD are
Since this is going to be a "public" network, people will have the
ability to load wireshark or another sniffer program.
I just got the squid_ldap_auth working ok on my segment but when
watching the protocol analyzer I see that the auth requests against the
AD are coming in as clear text passwor
i get the following error
[EMAIL PROTECTED] ~]# /usr/lib/squid/squid_ldap_auth -b
"ou=people,dc=cbsl,dc=lk"
-f "uid=%s" -d
gayanku cbsl
user filter 'uid=gayanku', searchbase 'ou=people,dc=cbsl,dc=lk'
squid_ldap_auth: ../../../libraries/libldap/search.c:189: ldap_search:
Assertion `ld != ((void
Hello,
The squid_ldap_auth man page says you can specify LDAP "servers" at the
end of the command line. If I specify more than one server would the
first one be queried first and then the second one queried if the query
to the first server times out? I basically would like to specify a
failover e
But I have restructured AD2003. And groups changed to organization unit. I
changed my message on the nabble.com.
I have my users:
in a OU=Unibel, user=unibel and
in a default container 'Users' user=squidtest.
Authentication for users in the 'Users' container works well:
./squid_ldap_auth -u cn
Klaubert Herr da Silveira-2 wrote:
>
> Andrew,
>
> by my quick research the group "Domain Users" are a special group, and
> are not a good group do this job, maybe is better to use other group
> where you turn all users members off it.
>
> To include a check of group you should use a ldap fil
Andrew,
by my quick research the group "Domain Users" are a special group, and
are not a good group do this job, maybe is better to use other group
where you turn all users members off it.
To include a check of group you should use a ldap filter in your
request, something like this:
-f "(&(object
I have my users in a group at the 'Domain Users', default container 'Users'.
Authentication for users in the 'Users' container works well:
./squid_ldap_auth -u cn -b "cn=Users,dc=bsuir,dc=by" 172.16.83.1
squidtest squidtest
OK
How do I check authentication for users in the 'Domain Users'group in
On fre, 2007-09-21 at 17:23 +0100, Darren Durbin wrote:
> I'm using the following in the squid.conf (edited to remove site info) :
>
> auth_param basic program /usr/lib/squid/squid_ldap_auth -f
> "SamAccountName=%s" -d -b "dc=company,dc=co,dc=uk" -D
> "cn=,cn=Users,dc=company,dc=co,dc=uk"
Hello,
I'm trying to get Squid 2.6.STABLE13 from FC6 to authenticate against a
Windows 2003 Active Directory Domain but I'm getting the following error
squid_ldap_auth: WARNING, could not bind to binddn 'Can't contact LDAP
server'
I'm using the following in the squid.conf (edited to remove site
ons 2007-03-07 klockan 10:32 +0500 skrev Eugene M. Zheganin:
> But I still have the same problem with spaces.
>
> So, I have the
>
> acl ad-internet-users externalldap_group Internet Users -
> Proxy1
>
> line in config.
Ah, I thougt you was talking about usernames with spaces i
Hi, Henrik.
Henrik Nordstrom wrote:
2) the RFC rfc2254 defined the excaping of the characeters. it doesnt
say that spaces need to be escaped, but, since squid_ldap_group doesn't
accept neither quotes nor doublequotes, I tried to use RFC2254 escaping
when using squid_ldap_group from shell.
mån 2007-03-05 klockan 16:35 +0500 skrev Eugene M. Zheganin:
> I have read about the squid_ldap_group and decided to use it, because it
> restores the config management scheme back to its base. I successfully
> created and set up all the needed acls, removed the blocking acls and
> start using
Hi.
I'm, trying to replace 'ntlm_auth' helper with
'--require-membership-of=' key due to the growing compexity of squid
acls in case of using different authentication schemes simultaneously.
I'm authenticating Active Directory users in AD domain, plus I use the
AD to grant access based on the
tis 2006-12-19 klockan 16:07 +0100 skrev [EMAIL PROTECTED]:
> I'm using squid_ldap_auth to authenticate against our LDAP server.
> Our LDAP server accepts only ldaps (port 636) and anonymouse simple bind is
> disabled.
> And now my problem... squid_ldap_auth doesn't work:
> $ echo " " | /usr/loc
Hello squid-users,
hello Henrik,
I'm using squid_ldap_auth to authenticate against our LDAP server.
Our LDAP server accepts only ldaps (port 636) and anonymouse simple bind is
disabled.
I've copied the certificate of the LDAP server to the squid cache and
configured it in /etc/ldap/ldap.conf:
Yes, that's it. Now I will try to understand it.
http_access rules are acknowledged on a first match basis,
therefore you must write an AND(ed) condition, stating
the both conditions must be met :
http_access allow internal_net domainusers
M.
Yes, that's it. Now I will try to understand it.
Thank you.
Marcelo Koehler
Wed, 25 Oct 2006 16:35:17 +0200, "Mark Elsen" <[EMAIL PROTECTED]> escreveu:
> >
> >http_access allow internalnet
> >http_access allow domainusers
> >...
>
> Try :
>
> http_access allow internalnet domainusers
>
http_access allow internalnet
http_access allow domainusers
...
Try :
http_access allow internalnet domainusers
(don't forget 'squid -k reconfigure')
M.
Hello everyone from the list.
I am using squid_ldap_auth in order to authenticate in a Windows Active
Directory. When the command squid_ldap_auth is issued from a command line, it
works well. But when using a browser, the prompt for user/password dont't
appears. And I can surf the web normally.
nistrator
Dunns Stores (PTY) Ltd
Switchboard: 011 541 3000
Direct: 011 541 3007
Fax: 086 632 1708
-Original Message-
From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Sent: 01 August, 2006 08:30
To: sOngUs
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] squid_ldap_auth to authten
mån 2006-07-31 klockan 11:18 -0600 skrev sOngUs:
> squid_ldap_auth -R -b cn=users,dc=mydomain,dc=com -D
> "cn=administrator,cn=Users,dc=mydomain,dc=com" -w mypassword -f
> sAMAccountName=%s -h 192.168.0.1 (which is the IP address of the AD
> server.)
>
> But then id does nothing and if i press E
Hello list, this is the first time i post here, so i hope im posting
in the right place.
Im having difficulties to setup authentification with the squid module
squid_ldap_auth
im using squid-2.6.0 ,on a slackware box, trying to test with the line:
squid_ldap_auth -R -b cn=users,dc=mydomain,dc=co
Hi all,
Problem solved :)
There were two problems:
1. You MUST use -v 3 as option for squid_ldap_auth
2. My search filter was wrong
Now all works great!
Best regards,
Chris
___
SMS schreiben mit WEB.DE FreeMail - einfach, schnell und
I thought you have to use the DN
(CN=UsersCommonName,OU=UsersOrgUnit,DC=Domain) for the user with which
you connect (-D flag)..
I've never used squid_ldap_auth, but for squid_ldap_group that's how I
got it working.
BTW, on your second command line there is a " missing after
[EMAIL PROTECTED]
Hello all,
i have a problem with the squid_ldap_auth helpers. I'm trying to authenticate
against an Active Directory (W3K). For the following command this works fine:
./squid_ldap_auth -b "ou=myOU,dc=foo,dc=domain,dc=com" -s sub -D "[EMAIL
PROTECTED]" -w squidpwd -f "(&(objectcategory=person)(o
-cache.org
Subject: AW: [squid-users] squid_ldap_auth and filters
No, it does not work without an ou-part (what I had tried before):
/usr/local/squid/libexec/squid_ldap_auth \
-h ldapserver \
-D "cn=adminaccount,ou=Service
Accounts,ou=_SiteMgmt,ou=BNN,ou=DE,dc=emea,dc
mån 2006-03-13 klockan 09:27 +0100 skrev [EMAIL PROTECTED]:
> No, it does not work without an ou-part (what I had tried before):
>
> /usr/local/squid/libexec/squid_ldap_auth \
> -h ldapserver \
> -D "cn=adminaccount,ou=Service
> Accounts,ou=_SiteMgmt,ou=BNN,ou=DE,dc=emea,d
No, it does not work without an ou-part (what I had tried before):
/usr/local/squid/libexec/squid_ldap_auth \
-h ldapserver \
-D "cn=adminaccount,ou=Service
Accounts,ou=_SiteMgmt,ou=BNN,ou=DE,dc=emea,dc=company,dc=com" \
-w "topsecret" \
-b "dc=emea,dc=
fre 2006-03-10 klockan 12:27 +0100 skrev [EMAIL PROTECTED]:
> squid_ldap_auth (of Squid 2.5 Stable 12) works fine with this script:
>
> /usr/local/squid/libexec/squid_ldap_auth \
> -h ldapserver \
> -D "cn=adminaccount,ou=Service
> Accounts,ou=_SiteMgmt,ou=BNN,ou=DE,dc=emea,dc=company
squid_ldap_auth (of Squid 2.5 Stable 12) works fine with this script:
/usr/local/squid/libexec/squid_ldap_auth \
-h ldapserver \
-D "cn=adminaccount,ou=Service
Accounts,ou=_SiteMgmt,ou=BNN,ou=DE,dc=emea,dc=company,dc=com" \
-w "topsecret" \
-b "ou=DE,dc=emea,company,dc=com
> Has anybody come across this problem of getting Squid_ldap_auth to get
> users off of a NDS ldap server? ldapsearch can connect to it fine, and I
> can see the users, but when I use it to auth with squid. It gives me a
> ERR Success message. Also, do you know where or how I can turn the logs
> on
Has anybody come across this problem of getting Squid_ldap_auth to get
users off of a NDS ldap server? ldapsearch can connect to it fine, and I
can see the users, but when I use it to auth with squid. It gives me a
ERR Success message. Also, do you know where or how I can turn the logs
on to se
On Fri, 13 Jan 2006, Meyerovich Aleksandr EB_NY wrote:
Anybody could help with squid_ldap_auth usage examples?
There is several in the man page.
Say, I'd like to athenticate users belogning to the group Internet in
DC=domain, DC=com, OU=Users (Microsoft AD)
Then you probably should combine
Hi All,
Anybody could help with squid_ldap_auth usage examples?
Say, I'd like to athenticate users belogning to the group Internet in
DC=domain, DC=com, OU=Users (Microsoft AD)
Thanks a lot!
Alex
-
The information
Is there anyway to have these auth helpers use more than one domain
controller for lookups so that if one ldap server doesn't respond it tries
another?
Thanks,
Colin Farley
Hi,
At 16.32 10/11/2005, Colin Farley wrote:
Thanks for the reply. I had a look at the article and I don't think that
it explains my situation. My squid_ldap_auth command points to a squid
user and supplies a password so I am not doing anonymous searches. I think
the fact that it works when
squid-users@squid-cache.org
cc
Subject
Hi,
At 22.25 09/11/2005, Colin Farley wrote:
So, it seems that Windows 2003 domain
controllers have added security that stops searches beginning from the base
of the domain and searches must start within an ou. Has anyone encountered
this? Are there any fixes that anyone is aware of? Any help
We have a few production squid proxy servers running various STABLE
versions of squid 2.5 and are encountering some issues as we upgrade our
Domain controllers from windows 2000 to windows 2003. The proxy servers
query the LDAP directory for user access control. Ideally, we would like
all proxy
ct: Re: [squid-users] squid_ldap_auth from shell
On Fri, 21 Oct 2005, John Halfpenny wrote:> My basic authenticator
works fine, in the form>> /usr/lib/squid/squid_ldap_auth -b
"ou=Users,dc=my,dc=domain"> myname mypassword> OKOk.> I
have noticed that my LDAP group does
On Fri, 21 Oct 2005, John Halfpenny wrote:
My basic authenticator works fine, in the form
/usr/lib/squid/squid_ldap_auth -b "ou=Users,dc=my,dc=domain"
myname mypassword
OK
Ok.
I have noticed that my LDAP group doesn't have a 'member' attribute, but it
does have 'memberUid'. On my LDAPBrows
Hi Everyone,
Hope you can help. I'm trying to set up LDAP authentication based on group
membership on a Linux Server running squid 10 stable 11.
I've read from the archives that it is a two stage process, and presently the
group membership from the bash prompt is giving me a bit of a heada
Hello,
I have a Squid 2.5stable10 running with LDAP_Auth and ldap Group
authentication, running against one of our Domain Controllers
Everything is fine so far, and (allmost) everyone can surf the internet.
BUT:
A few users get an "ERR success" Message when executing the squid_ldap_auth
script
On Sat, 6 Aug 2005, c.s.r.c.murthy wrote:
Dears all,
Has anybody tried and successful in compiling squid_ldap_auth with
option "-DNETSCAPE_SSL" ?. When I do it, I get following errors
Do you have the Netscape LDAP API?
Have you told the compiler where to find this API libraries and header
Dears all,
Has anybody tried and successful in compiling squid_ldap_auth with
option "-DNETSCAPE_SSL" ?. When I do it, I get following errors
squid_ldap_auth.o: In function `main':
/usr/local/downloads/squid-2.5.STABLE6/helpers/basic_auth/LDAP/squid_ldap_auth.c:424:
undefined reference to `ld
hello,
i try to test the auth_param_basic option in the squid.conf on the
commandline but got problem configuring the search filter.
the users who gain access to the www, should enter the sAMAccountName and
the password stored in the ad-tree. i use this command but get always an
error after speci
I have checked the nsswitch.conf and hosts are in the
same order.
Yes I am able to ping the ADS servers with their FQDN
when the DNS is down but not to any other PCs
Regards
Babs
--- it clown <[EMAIL PROTECTED]> wrote:
> look at your nsswitch.conf.
>
> hosts: files dns
>
> If you add that to
On Sat, 23 Apr 2005, Babs wrote:
Interestingly Henrik , I have added those ADS servers
IPs in /etc/hosts when i setup the proxy and still I
dont know why this happend. Anything you want me to
check it up?
next time, check if you can reach the ADS servers using ldapsearch.
Regards
Henrik
look at your nsswitch.conf.
hosts: files dns
If you add that to nsswitch.conf it will first look at your
/etc/hosts file and then dns. Make sure you have your AD pc
in /etc/hosts.
to be able to connect to AD you need dns to resolv its
name. Can you ping any pc on network with its FQDN when dns
Okei Thats looks to be the reason for this auth
failure. Thanks a lot for this info Micheal.
thanx & regards
Babs
--- Michael Wray <[EMAIL PROTECTED]> wrote:
> That's because the authenticators need to verify
> WHERE to authenticate via
> dns...so the look for the special SRV entries that
> AD h
Interestingly Henrik , I have added those ADS servers
IPs in /etc/hosts when i setup the proxy and still I
dont know why this happend. Anything you want me to
check it up?
Regards
Babs
--- Henrik Nordstrom <[EMAIL PROTECTED]> wrote:
>
>
> On Thu, 21 Apr 2005, Babs wrote:
>
> > Hi
> > As the l
On Thu, 21 Apr 2005, Babs wrote:
Hi
As the linuxbox access the Win2K box running ADS for
getting the user authenticated using squid_ldap_auth,
when the machine running DNS goes down linuxbox is
not able to reach the Win2K box running ADS I suppose.
As soon as the DNS system came back to life
authe
That's because the authenticators need to verify WHERE to authenticate via
dns...so the look for the special SRV entries that AD has for _kerberos and
_ldap, if he can't get a response on those entries, then it is assumed that
they are unreachable.
On Thursday 21 April 2005 10:21 am, Babs wrote
Hi
As the linuxbox access the Win2K box running ADS for
getting the user authenticated using squid_ldap_auth,
when the machine running DNS goes down linuxbox is
not able to reach the Win2K box running ADS I suppose.
As soon as the DNS system came back to life
authentication is working fine. Anyone
Hi All!
At last I found out whats causing this trouble. It is
my DNS was causing this whole problem. If you get this
error make sure your DNS is working properly. Even
though I had specified the servers in hosts file still
somehow it was using my DNS which was pointing outside
my network. I thought
Hi
I am facing the same problem once again, the
authentication from the browser appears repeatedly and
gives a authentication error. cache.log reports
"Squid_Ldap_Auth error: Cant Contact LDAP Server".
This time I made sure things are fine with Msbox and
with a nmap, I could see the ldap ports in
On Wed, 13 Apr 2005 [EMAIL PROTECTED] wrote:
Everything is working fine without SSL encryption.
Good.
Now i want to aktivate the TLS option for the squid_ldap_auth. When i add
the option -Z ( and -v 3 ) i will reveive the message "Could not Activate
TLS connection".
TLS is working with our LDAP-Se
Hello,
we are using SuSE SLES9 with Squid Cache: Version 2.5.STABLE5.
We are using LDAP authentication with novell netware edirectory.
Everything is working fine without SSL encryption.
Now i want to aktivate the TLS option for the squid_ldap_auth. When i add
the option -Z ( and -v 3 ) i wi
> Yup I did that and I am able telnet to the MS-ADS port
> in the server.
> I ran a nmap and I could see the ports listed on the
> MS box. I rebooted the ms-box and It looks be this are
> fine so I am suspecting the ms-box doing something
> fishy, but I am getting nervous again as I got around
>
> >
>
> - Check whether the LDAP server is running on the
> MS-AD box.
>* Check eventvwr , watchout for system or app.
> errors.
>
> - Verify further by contacting the LDAP server
> manually from the squid box.
>squidhost % telnet ms-ads_host 443
>
>Should at least establish
>
> Hello
> I am having a squid proxy running with ldap
> authentication from MS-ADS. It was working fine till
> now but today morning onwards its giving me a strange
> problem.
> in cache.log I could see :- squid_ldap_auth WARNING,
> Ldap Serch Error 'Cant Contact LDAP Server'
>
> I have chec
Hello
I am having a squid proxy running with ldap
authentication from MS-ADS. It was working fine till
now but today morning onwards its giving me a strange
problem.
in cache.log I could see :- squid_ldap_auth WARNING,
Ldap Serch Error 'Cant Contact LDAP Server'
I have checked everything as nothin
>
>
>
>
> squid_ldap_auth supports whatever passwords encryption schemes supported
> by your LDAP server, using either ldap_simple_bind to bind to the user
> object in the LDAP tree or ldap_compare to compare the selected password
> attribute with the user supplied password. In both opera
1 - 100 of 221 matches
Mail list logo
