I think I'm using a consistent search bind DN and still getting an error after the 2003 upgrade.
Successful ldapsearch query: ldapsearch -b "DC=scif, DC=com" -D "CN=Squid1, OU=FD, OU=Fairfield, DC=scif, DC=com" -w "password" -H ldaps://fddc02.scif.com:636/ -S /usr/local/ssl/certs -x "(SamAccountName=Squid1)" cn version: 2 # # filter: (SamAccountName=Squid1) # requesting: cn # # Squid1 Proxy, FD, Fairfield, scif, com dn: CN=Squid1 Proxy,OU=FD,OU=Fairfield,DC=scif,DC=com cn: Squid1 Proxy squid_ldap_auth query fails: echo "Squid1 password" | /usr/local/squid/libexec/squid_ldap_auth -H ldaps://fddc02.scif.com:636/ -D "CN=Squid1, OU=FD, OU=Fairfield, DC=scif, DC=com" -w "password" -P -b "DC=scif,DC=com" -f "(SamAccountName=Squid1)" squid_ldap_auth: WARNING, LDAP search error 'Operations error' ERR Any ideas on why squid_ldap_auth fails and ldapsearch succeeds? The same squid_ldap_auth query was working until our domain controllers were upgraded to 2003. Thanks, Mark On Thu, 14 Oct 2004 10:12:43 +0200 (CEST), Henrik Nordstrom wrote > > The search bind DN is not correct, and does not match your > successful ldapsearch > > To be least confusing your should specify a LDAP DN in both. Relying > on the LDAP server to understand shorthand aliases like > [EMAIL PROTECTED] can be a little confusing. > > Regards > Henrik _______________________________________________________________ Mark Krawec [EMAIL PROTECTED] "Earth First" (We'll strip mine the other planets later)
