Re: [squid-users] squid_ldap_group troubles

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Tue, 01 May 2007 17:32:44 +0200

tis 2007-05-01 klockan 14:09 +0300 skrev Sergey A. Kobzar:

> external_acl_type ldap_group %LOGIN /usr/local/libexec/squid/squid_ldap_group \
> -b "ou=Groups,dc=home" -f "(&(memberUid=%u)(cn=%g))" -v 3 localhost \
> -D "cn=Guest,ou=DSA,dc=home" -w xxx

All options need to go before the host name, or the'll get misread as
hostnames..

> May 1 14:00:28 pixel slapd[744]: conn=256 fd=21 ACCEPT from IP=127.0.0.1:50849 (IP=127.0.0.1:389)
> May 1 14:00:28 pixel slapd[744]: conn=256 op=0 SRCH base="ou=Groups,dc=home" scope=2 deref=0 filter="(&(memberUid=sak)(cn=squid-unlim))"

This search was anonymous. Probably because of the above.

> May 1 14:00:28 pixel slapd[744]: conn=256 op=0 SRCH attr=1.1
> May 1 14:00:28 pixel slapd[744]: conn=256 op=0 SEARCH RESULT tag=101 err=0 nentries=0 text=

And no results was returned by your LDAP..

Regards
Henrik

Received on Tue May 01 2007 - 09:32:51 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Jun 01 2007 - 12:00:04 MDT