On Dec 4, 2006, at 9:04 PM, Henrik Nordstrom wrote:
> There is a man page for squid_ldap_auth trying to explain most uses..
> man -M /usr/local/squid/man squid_ldap_auth
Thanks. I'll re-install during some network down time and make sure
that this stuff is installed this time. Apparently, I did not choose
the LDAP optional support in the FreeBSD port when I installed it a
while ago.
BTW, sorry for the delayed reply. Real life got in the way and all
that...
> * Which user attribute carries the information you want to use as
> login?
Not sure. How do I find out? (Sorry, but I use LDAP for MacOS X
authentication from MacOS X workstations to a MacOS X server.)
> * Based DN of your LDAP tree
IIRC, its dc=dir,dc=domain,dc=tld with obvious substitutions.
> * If anonymous searches is allowed.
Yes. I already set up SquirrelMail's address book to search the
directory and this did not require any username/password pair.
> Please ignore pam_auth. It's just a last resort thing when there is no
> other helpers available. You should only go down that path if you want
> to use the LDAP for system authentication as well.
Ah! Thanks for the info. That is a pretty major point all by
itself. Since the proxy is supposed to be an admin-only area, PAM
was definitely the wrong way to go.
Jaime
Received on Thu Dec 07 2006 - 05:19:00 MST
This archive was generated by hypermail pre-2.1.9 : Mon Jan 01 2007 - 12:00:01 MST