[squid-users] Error with Squid_LDAP_Auth.exe on Win2K

From: Helpdesk <helpdesk@dont-contact.us>
Date: Tue, 20 Apr 2004 10:27:59 +1000

Hello,

I am setting-up a Squid proxy (Squid 2.5STABLE5 from Acme Consulting) on Win2K SP-4. Because the box is in a DMZ and not a member of the Active Directory Domain, I have decided to use Squid_LDAP_Auth.exe to authorize my users against our AD Tree. (At this time, all users with a valid Domain Account can access the Internet.)

Whenever I run the Squid_LDAP_Auth.exe program (either from command line or from Squid) I get an error stating "Squid_LDAP_Auth.exe - Application Error. The instruction at 0x77952d58 referenced memory at 0x00000011. The memory could not be read." The relevant portions of my squid.conf file are listed bellow. There are no errors listed in cache.log. The only reference is "helperOpenServers: Starting 5 'squid_ldap_auth.exe' processes."

Can anyone point me in the right direction? Also, when running Squid_LDAP_Auth.exe from the command line, do you need to change anything? (i.e. change the %s to the username you are trying to authenticate. I have tried it both ways and still get the error.)

Thanks,

John

auth_param basic program D:/squid/libexec/squid_ldap_auth.exe -P -R -b "dc=jlf,dc=jlf,dc=com,dc=au" -D "cn=XXXX XXXX,cn=users,dc=jlf,dc=jlf,dc=com,dc=au" -w "XXXXXXXX" -f "(&(sAMAccountName=%s)(objectClass=Person))" -h ldap.jlf.jlf.com.au

auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

acl varEVERYONE src 0.0.0.0/0.0.0.0
acl varMANAGER proto cache_object
acl varFROM_LOCALHOST src 127.0.0.1/255.255.255.255
acl varTO_LOCALHOST dst 127.0.0.0/8
acl varSSL_PORTS port 443 563
acl varSAFE_PORTS port 80 # http
acl varSAFE_PORTS port 21 # ftp
acl varSAFE_PORTS port 443 563 # https, snews
acl varSAFE_PORTS port 1025-65535 # unregistered ports
acl varCONNECT method CONNECT
acl JLF_Internal_Networks src 192.168.1.0/24 192.168.4.0/24

http_access allow varMANAGER varFROM_LOCALHOST
http_access deny varMANAGER
http_access deny !varSAFE_PORTS
http_access deny varCONNECT !varSSL_PORTS
http_access deny varTO_LOCALHOST
 
acl JLF_ALLOWED_TO_SURF_THE_WEB proxy_auth REQUIRED
http_access allow JLF_ALLOWED_TO_SURF_THE_WEB
http_access deny varEVERYONE

http_reply_access allow varEVERYONE

icp_access deny varEVERYONE
Received on Mon Apr 19 2004 - 18:28:02 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:02 MDT