hi to all

i have a new suse linux with squid-2.4.STABLE6-9 
and a W2K ADS and I want to use squid_ldapauth to
let my users authentificate themselves with their
windows account.
when squid starts it doesn't complain about anything.
when a user wants to use the proxy the ACL
acl my_users proxy_auth REQUIRED
takes place - the authentification popup pops up
ans she is rejected.
the access.log says this:

1057336343.145     14 10.220.62.26 TCP_DENIED/407 1374 GET http://www.louden.de/ 
max.bmuster NONE/- - [Accept: image/gi
f, image/x-xbitmap, image/jpeg, image/pjpeg, application/msword, 
application/vnd.ms-excel, application/vnd.ms-powerpoin
t, */*\r\nAccept-Language: de\r\nProxy-Authorization: Basic 
bWF4LmJtdXN0ZXI6Ym11c3Rlcg==\r\nUser-Agent: Mozilla/4.0 (co
mpatible; MSIE 6.0; Windows NT 5.0; Logware; Logware Informationssysteme 
GmbH)\r\nHost: www.louden.de\r\nProxy-Connecti
on: Keep-Alive\r\n] [HTTP/1.0 407 Proxy Authentication Required\r\nServer: 
Squid/2.4.STABLE6\r\nMime-Version: 1.0\r\nDa
te: Fri, 04 Jul 2003 16:32:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 
993\r\nExpires: Fri, 04 Jul 2003 16:32:
23 GMT\r\nX-Squid-Error: ERR_CACHE_ACCESS_DENIED 0\r\nProxy-Authenticate: Basic 
realm="Logware Proxy Server"\r\n\r]

so i start squid_ldapauth by hand.
here is the output :

squid_ldapauth -v -q -l
squid_ldapauth[2523]: config - found key: 'ldap-server'
squid_ldapauth[2523]: config - got value: '10.xxx.xxx.xxx'
squid_ldapauth[2523]: config - found key: 'ldap-port'
squid_ldapauth[2523]: config - got value: '389'
squid_ldapauth[2523]: config - found key: 'ldap-suffix'
squid_ldapauth[2523]: config - got value: 'DC=city,DC=company,DC=de'
squid_ldapauth[2523]: config - found key: 'ldap-filter'
squid_ldapauth[2523]: config - got value: '(uid=%s)'
squid_ldapauth[2523]: config - found key: 'ldap-passwdfield'
squid_ldapauth[2523]: config - got value: 'userpassword'
squid_ldapauth[2523]: config - found key: 'ldap-binddn'
squid_ldapauth[2523]: config - got value: 
'CN=Administrator,OU=org2,OU=org1,DC=city,DC=company,DC=de'
squid_ldapauth[2523]: config - found key: 'ldap-password'
squid_ldapauth[2523]: config - got value: 'PaSsWoRd'
squid_ldapauth[2523]: using ldap-server => '10.xxx.xxx.xxx'
squid_ldapauth[2523]: using ldap-port => '389'
squid_ldapauth[2523]: using ldap-suffix => 'DC=city,DC=company,DC=de'
squid_ldapauth[2523]: using ldap-filter => '(uid=%s)'
squid_ldapauth[2523]: using ldap-passwdfield => 'userpassword'
squid_ldapauth[2523]: using ldap-binddn => 
'CN=Administrator,OU=org2,OU=org1,DC=city,DC=company,DC=de'
squid_ldapauth[2523]: using ldap-password => 'PaSsWoRd'
squid_ldapauth[2523]: connection etablished - waiting for queries

when i type in this :
administrator PaSsWoRd

i get this :
squid_ldapauth[2523]: ldap result was empty (user not found)
squid_ldapauth[2523]: authentication request for 'administrator' - ERR
ERR

funny
of cause administrator exists - he has just 
established the connection - hasn't he ?
i can do this with any user and none is found.
administrator has domain-administration rights
so it can't be a problem with missing rights.
(i started this with a common user squid and
will use him once it will work...)

i increased the rights on the squid cache :
drwxrwxrwx   21 squid    squid         528 Jul  3 16:02 squid

but this too hadn't any effect.
i'm afraid the problem is caused by the 
windows ADS. a really nasty idea.

i'd be really greatful for any suggestion.
Kaja



  ================================= 
  Rokaya Louden
  Systemadministration

  LOGWARE Informationssysteme GmbH 
  Schwedenstraße 9 
  13359 Berlin 

  FON: +49 (0) 30 49901-214 
  FAX: +49 (0) 30 49901-108-214 
  Mailto:[EMAIL PROTECTED] 
  < http://www.logware.de> 
  ================================= 

Reply via email to