Hi Miguel, Thanks for the reply. I am using squid on Windows 2003 server not unix, I think the squid entry for the external helper differs slightly.
Could you advise. Many Thanks Nick On 8/8/07, ALZUETA VERON, Miguel I. <[EMAIL PROTECTED]> wrote: > Here it goes again. > Security policies block the attach because it had .sh extensión. > Remember to rename from .txt to .sh and give it +x > > Regards > > > -----Mensaje original----- > De: ALZUETA VERON, Miguel I. > Enviado el: Miércoles, 08 de Agosto de 2007 09:33 > Para: nick w > Asunto: RE: [squid-users] NTLM_Auth & LDAP_Group help needed. > > Dear Nick: > > First of all, sorry if I misspell something, but English is not my primary > language. > > And about the authenticate method, yes, you can mix both helpers. The way to > do that is making your own helper. > I attached the helper I did. > > > The helper works this way. > Squid calls our script (helper), then our script calls another helper, and if > this helper fails (return ERR), then our script try another helper, and so > on... until some of these helpers return OK or finally ERR > > I need to notice that the helper I did mix an authentication against a LDAP > server (MS Active Directory), and if this method fails, then it try to > authenticate against a passwd file using the NCSA helper. > But you can edit the helper to use any method you want. You only had to edit > in your squid.conf the "auth_param basic" or "auth_param METHOD" to point to > the helper, and then modify the helper to use the methods that you want. > > > Basically, you only need to do this: > You have to put the helper somewhere and give it +x permission (chmodx +x > /path/to/the/helper.sh). > Then, in your squid.conf you had to change your auth_param to point to the > helper. > Finally, edit the helper to use the methods you want. > > Ok, I think that's all. > If you have any questions, don't hesitate on asking. > > Best regards. > > > P.S: I almost forgot. You need a user to authenticate against the ldap > server, and then modify the next string in the helper putting your info in > USER, PASS, LDAP_SERVER and obviously dc=yourdomain,dc=com. > > /usr/lib/squid/squid_ldap_auth -p -R -b "cn=Users,dc=yourdomain,dc=com" -D > "cn=USER,cn=Users,dc=yourdomain,dc=com" -w "PASS" -f > "(&(objectClass=person)(sAMAccountName=%s))" -h LDAP_SERVER > > > -----Mensaje original----- > De: nick w [mailto:[EMAIL PROTECTED] > Enviado el: Martes, 07 de Agosto de 2007 19:47 > Para: GIETZ, Pablo; ALZUETA VERON, Miguel I. > Asunto: Re: [squid-users] NTLM_Auth & LDAP_Group help needed. > > Hi Miguel, > > Pablo advised that you are the author of a mixed helper that he is > using for NTLM_Auth & LDAP_Group. Would you mind letting me know how > to configure this? > > many thanks > > Nick > > On 8/8/07, GIETZ, Pablo <[EMAIL PROTECTED]> wrote: > > > > > > > > we are building rigth now a mix helper. > > if you want the author of this helper is > > [EMAIL PROTECTED] > > > > Regards > > > > ________________________________ > > De: nick w [mailto:[EMAIL PROTECTED] > > Enviado el: mar 07/08/2007 2:06 > > Para: Henrik Nordstrom > > CC: Angel Mieres; squid-users@squid-cache.org > > Asunto: Re: [squid-users] NTLM_Auth & LDAP_Group help needed. > > > > > > > > > > Hi Henrik, > > > > Could you advise why the session hangs then? > > > > thanks > > > > Nick > > > > On 7/29/07, Henrik Nordstrom <[EMAIL PROTECTED]> wrote: > > > On ons, 2007-07-25 at 08:36 +1000, nick w wrote: > > > > thanks for the reply Angel. I have read on the forums that these two > > > > helpers can be used together!? > > > > > > Yes. You can mixfreely. > > > > > > > > > > > > >