Re: [squid-users] squid ldap group authentication

CsY Mon, 05 Dec 2005 07:49:30 -0800

i probe these configs, but arent working.<br>
auth_param basic program /usr/lib/squid/ldap_auth -Z -b 
"ou=group,dc=mydomain,dc=com" -D cn=admin,dc=hu -w password
auth_param basic children 10
auth_param basic credentialsttl 1 hour
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern .               0       20%     4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563

acl SSL_ports port 873acl Safe_ports port 80acl Safe_ports port 21acl Safe_ports port 443 563acl Safe_ports port 70acl Safe_ports port 210

acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl Safe_ports port 631
acl Safe_ports port 873
acl Safe_ports port 901
acl purge method PURGE
acl CONNECT method CONNECT
no_cache deny QUERY
external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group -b "ou=group,dc=mydomain,dc=com" -f 
(&amp;(objectclass=posixGroup) (cn=%a) (member=%v))" -B " "cn=internet,ou=group,dc=mydomain,dc=com" 
-F uid="%s" -D cn=admin,dc=com -w password
acl passwd proxy_auth REQUIRED
acl passwd_group external ldap_group internet
http_access allow manager localhost
http_access allow password
http_access allow passwd_group
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all
httpd_accel_single_host off
coredump_dir /var/spool/squid
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on


The ldap:

com
|
mydomain
|       |
users   groups
|         |
user1   internet



Mark Elsen írta:

On 12/5/05, CsY <[EMAIL PROTECTED]> wrote:

Hello

Can i help you?
I need set up the ldap group authentication, this rule do not working.
Any idea?

auth_param basic program /usr/lib/squid/ldap_auth -ZZ -b 
"ou=peoples,dc=mydomain,dc=com" ldap

external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group -ZZ
-b "cn=netgroup,ou=groups,dc=mydomain,dc=com" -f
"(&(objectclass=posixGroup)(cn=%a)(member=%v))" -B
"ou=peoples,dc=mydomain,dc=com" -F uid="%s" -w pass serveraddress:serverport

acl password proxy_auth REQUIRED
acl password_group external ldap_group internet


http_access allow password_group

thanks



 - Squid version ?
 - OS/platform/version ?

 M.

 _____________ NOD32 1.1311 (20051202) Információ _____________

Az üzenetet a NOD32 antivirus system megvizsgálta.
http://www.nod32.hu

Re: [squid-users] squid ldap group authentication

Reply via email to