[squid-users] ldap_auth protocol error Msg

From: digitalfx <tinchole@dont-contact.us>
Date: Thu, 14 Oct 2004 17:00:00 -0300

      ldapsearch -x -b dc=mydomain,dc=com -h 192.168.2.107 uid=a_login_name
      and
      ldapsearch -x -b dc=mydomain,dc=com -D cn=admin,dc=mydomain,dc=com -w
      pass -h 192.168.2.107 uid=a_login_name

      Works perfect.

      There is no "squid_ldap_auth" command

      If i use:
      ldap_auth -b dc=mydomain,dc=com -D cn=admin,dc=mydomain,dc=com -w
      pass -h 192.168.2.107 uid=a_login_name i get the err.

      If I use:
      ldap_auth -x -b dc=mydomain,dc=com -D cn=admin,dc=mydomain,dc=com -w
      pass -h 192.168.2.107 uid=a_login_name
      it says:
      squid_ldap_auth: ERR: Unknown command line option 'x'

      i dont have any idea why i can bind from command line to ldap server,
and the ldap_auth module can't.

      PD: ldap_auth module doesnt list "-1" as an option

      Regards.

      On Thu, 14 Oct 2004, digitalfx wrote:

                yes i can, using ldapsearch with -x option (simple
authentication)
            ldapsearch -x -b dc=mydomain,dc=com -D
cn=admin,dc=mydomain,dc=com -w
            pass -h 192.168.2.107 uid=a_login_name
            otherwise i get this bind msg: Server is unwilling to perform
(53)
            additional info: unauthenticated bind (DN with no password)
disallowed

      Odd. If ldapsearch works then squid_ldap_auth should work as well.

      Does your directory really require binding to search? Does the
following work?

      ldapsearch -x -b dc=mydomain,dc=com -h 192.168.2.107 uid=a_login_name

      If it does, try using squid_ldap_auth in the same manner

      squid_ldap_auth -f uid=%s -b dc=mydomain,dc=com 192.168.2.107

      You can also try using the -1 option (oneshot).

      Regards
      Henrik

From: Henrik Nordstrom <hno@squid-cache.org>
To: digitalfx <tinchole@satlink.com>
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] ldap_auth protocol error Msg
Sent: Thursday, October 14, 2004 4:22:44 PM

----- Original Message -----
From: "Henrik Nordstrom" <hno@squid-cache.org>
To: "Digitalfx" <tinchole@satlink.com>
Cc: <squid-users@squid-cache.org>
Sent: Thursday, October 14, 2004 5:14 AM
Subject: Re: [squid-users] ldap_auth protocol error Msg

>
>
> On Wed, 13 Oct 2004, Digitalfx wrote:
>
> > Im getting this squid cache log error while trying to validate squid
users
> > using slapd
> > "squid_ldap_auth: WARNING, could not bind to binddn 'Protocol error' "
>
> Can you bind to the DN using ldapsearch?
>
> ldapsearch -b dc=mydomain,dc=com -D cn=admin,dc=mydomain,dc=com -w pass -h
192.168.2.107 uid=a_login_name
>
> Regards
> Henrik
>
Received on Thu Oct 14 2004 - 13:55:14 MDT

This archive was generated by hypermail pre-2.1.9 : Mon Nov 01 2004 - 12:00:02 MST