Hi, I have a problem with squid_ldap_auth. I use it to authorize against M$-AD, no problems so far. I all works with the following: auth_param basic program /usr/local/squid/libexec/squid_ldap_auth -b "OU=Gebruikers,DC=domain,DC=org" -s sub -D "cn=administrator,ou=beheer,dc=domain,dc=org" -w "password" -h server -p 389 -v 3 -f sAMAccountName=%s
Now I also want to check if the user is a member of a AD group, so I did the following: auth_param basic program /usr/local/squid/libexec/squid_ldap_auth -b "OU=Gebruikers,DC=domain,DC=org" -s sub -D "cn=administrator,ou=beheer,dc=domain,dc=org" -w "password" -h server -f "(&(sAMAccountName=%s)(memberOf=CN=Internet-Users,OU=Gebruikers Groepen,OU=Gebruikers,DC=domain,DC=org))" This works great from the command line: a user who is a member get's OK and if you are not a member it shows ERR. This is what I want. I just can't get it to work from within squid. In the cache.log the following line appears when authenticating: squid_ldap_auth: WARNING, LDAP search error 'Bad search filter' I'm using squid/2.5.STABLE4 on solaris 9. Any help?? Regards Martijn
