Hi, folks...
until now we have used a flat hierarchy of users in an LDAP tree. Let's
say our user accounts are stored in ou=proxy,o=org.
Now we want to use a more complex hierarchy with different departments.
Our user accounts are now stores in multiple subtrees like:
ou=marketing,ou=proxy,o=org
ou=sales,ou=proxy,o=org
ou=devel,ou=proxy,o=org
We discovered a stupid problem. Although the default search scope in
"ldap_auth" (shipped with Squid 2.5.2-1) is by default set to "sub"
(which should mean to search in this tree and all subtrees) only users
in the current tree can be authenticated. I just get an "ERR".
I can even set "-s sub" with the same result. I have already checked the
source code to see whether "-s" is a placebo option - it is not.
Is this a well-known bug? I could of course develop a little Perl
application (I know Perl better than C) that does the authentication.
But I would love to go with the included authenticator.
Any hints are welcome...
Christoph
-- ~ ~ ".signature" [Modified] 3 lines --100%-- 3,41 AllReceived on Wed May 07 2003 - 09:56:26 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:16:20 MST