I change the filter for:
-f "(&(cn=%g)(member=%u))"
Because member is the attribute that the group membership in AD show,
but don't work.
-----Mensaje original-----
De: Henrik Nordstrom [mailto:hno@squid-cache.org]
Enviado el: Friday, August 29, 2003 20:20
Para: Guillermo Ettlin; squid-users@squid-cache.org
Asunto: Re: [squid-users] Squid ldap_group
On Friday 29 August 2003 23.00, Guillermo Ettlin wrote:
> external_acl_type ldap_group %LOGIN
> /usr/local/libexec/squid_ldap_group -h ldapserver -b
> "dc=myldap,dc=edu,dc=uy" -D "cn=auth,cn=users,dc=myldap,dc=edu,dc=uy"
> -w pass -f "(&(objectClass=User)(sAMAccountName=%u)(memberOf=%g))"
Are you sure the user objects have the memberOf attribute?
Usually one looks up group membership by looking for the user within
the group, not by looking for the group within the user..
I am not a MS AD user.
-- Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org If you need commercial Squid support or cost effective Squid or firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, info@marasystems.comReceived on Mon Sep 01 2003 - 11:00:26 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:19:28 MST