[squid-users] problem with squid_ldap_group + AD

From: Miguel Angel Ruiz Manzano <debianized@dont-contact.us>
Date: Wed, 12 Dec 2007 11:08:03 -0300

Hi all,

I want to configure my squid to validate users with AD.

squid_ldap_auth is working without problems, but I tried to configure
squid_ldap_group based on this successful ldapsearch query:

$ ldapsearch -xLLL -b "OU=Lala,DC=lala,DC=cl" -h 192.168.80.10 -D
"debianized@lala.cl" -w "password"
"(&(objectClass=User)(sAMAccountName=debianized)(memberOf=CN=Admins,OU=Admin
Group,OU=Lala,DC=lala,DC=cl))"

Then, I put the following configuration in squid.conf

/usr/lib/squid/squid_ldap_group -b "OU=Lala,DC=lala,DC=cl" -f
"(&(sAMAccountName=%u)(objectclass=User)(memberOf=CN=%g,OU=Admin
Group,OU=Lala,DC=lala,DC=cl))" -d "debianized@lala.cl" -w "password"-h
192.168.80.10"

I restarted the service and I tested the new configuration with my
account, but I got the following message in the squid log (cache.log):

Connected OK
group filter
'(&(sAMAccountName=debianized)(objectclass=User)(memberOf=CN=Lala,OU=Admin
  Group,OU=Lala,DC=lala,DC=cl))', searchbase 'OU=Lala,DC=lala,DC=cl'
squid_ldap_group WARNING, LDAP search error 'Operations error'

any comments?

Thanks in advance

-- 
Miguel Angel Ruiz Manzano                    http://vulcano.mine.nu
Computer Science Student - PUCV - Chile

Received on Wed Dec 12 2007 - 07:08:16 MST

This archive was generated by hypermail pre-2.1.9 : Tue Jan 01 2008 - 12:00:01 MST