Hi
Look at this:
http://wiki.squid-cache.org/Features/Authentication#How_do_I_prevent_Login_Popups.3F
Regards,
Tom
2012/3/29 Thitiporn Pornpirunrak mo.8...@gmail.com:
Hi Diego,
That shines my day. works perfectly. Thank you so much.
would you mind tell me where to find the 'long story'?
Hi
We're using squid-3.1.14.
The command 'squidclient mgr:info' shows the sum of Disk hits as % of
hit requests and Memory hits as % of hit requests with less than
100%.
I searched around and found a post from 2002 from Henrik:
http://www.squid-cache.org/mail-archive/squid-users/200201/0291.html
Hi
I have found the following web-based tool to calculate the objects freshness:
http://web.forret.com/tools/squid.asp
If it's useful for others too, can a site-admin publish this url on
squid-cache.org (perhaps 'Related Software')?
Thanks and regards,
Tom
Hi
Is there a configuration option (squid 3.1.14) which instructs squid
to loadbalance the icap-requests? I saw, that it's possible to define
failover with an adaptation_service_set. But also loadbalancing?
Thanks a lot.
Tom
2011/6/10 Amos Jeffries squ...@treenet.co.nz:
On 10/06/11 20:41, Tom Tux wrote:
Mmm...
Now I were able to force squid to die (with gdb):
From cache.log:
--- SNIP ---
(squid)(death+0x37)[0x564d37]
/lib64/libpthread.so.0(+0xf5d0)[0x7f99ebe705d0]
FATAL: Received Segment Violation...dying
2011/6/14 Amos Jeffries squ...@treenet.co.nz:
On 14/06/11 18:42, Tom Tux wrote:
2011/6/10 Amos Jeffriessqu...@treenet.co.nz:
On 10/06/11 20:41, Tom Tux wrote:
Mmm...
Now I were able to force squid to die (with gdb):
From cache.log:
--- SNIP ---
(squid)(death+0x37)[0x564d37]
/lib64
From squid.conf.documented:
--- SNIP ---
# TAG: cache_mgr
# Email-address of local cache manager who will receive
# mail if the cache dies. The default is webmaster.
#Default:
# cache_mgr webmaster
--- SNAP ---
As I understand, squid will send a mail to the defined mail-recipient,
Mmm...
Now I were able to force squid to die (with gdb):
From cache.log:
--- SNIP ---
(squid)(death+0x37)[0x564d37]
/lib64/libpthread.so.0(+0xf5d0)[0x7f99ebe705d0]
FATAL: Received Segment Violation...dying.
2011/06/10 10:37:28.408| storeDirWriteCleanLogs: Starting...
2011/06/10 10:37:28.409|
Hi
I need to verify, if I get a mail when squid dies (I put a correct
mailaddress in cache_mgr-directive). Is there a way/hack to force
squid to die? I tried several things like revoking permissions on the
the cache-dir, moving cache.log away... - but squid is still alive.
Many thanks.
Tom
But a kill -9 kills squid the hard way. So I don't get the desired
mail (cache_mgr-directive).
2011/6/9 jeffrey j donovan dono...@beth.k12.pa.us:
On Jun 9, 2011, at 7:24 AM, Tom Tux wrote:
Hi
I need to verify, if I get a mail when squid dies (I put a correct
mailaddress in cache_mgr
Hi Helmut
killall (without any parameter) sends a sigterm (kill -15) to the
squid-processes. This command kill's indeed all sqBut this does not
bring squid to die and then send the mail. This command does just kill
the processes.
2011/6/9 Helmut Hullen hul...@t-online.de:
Hallo, Tom,
Du
(or even dies) with sending the mail to the cache_mgr. But I don't
know what has to be wrong to bring squid sending this mail. I had
already removed directory-permissions, removed the cache.log, closed
some file descriptors with gdb..but no mail.
2011/6/9 Tom Tux tomtu...@gmail.com:
Hi Helmut
...@treenet.co.nz:
On 14/05/11 00:23, Tom Tux wrote:
Hi
What does the entry Filemap bits in use with squidclient
mgr:storedir means? What happens, if this is running nearly 100% or
exactly 100%?
This describes the available file entries which may be stored in that
cache_dir. $used of $max
Hi
What does the entry Filemap bits in use with squidclient
mgr:storedir means? What happens, if this is running nearly 100% or
exactly 100%?
Thanks for a hint.
Regards,
Tom
Hi
Why does the option userhash on the cache_peer-directive also
implies the sourcehash-option?
I have the following cache_peer-directives:
cache_peer xx.xx.xx.x1 parent 12340 no-query
no-digest connect-fail-limit=5 userhash
cache_peer xx.xx.xx.x2 parent 12340
A few weeks ago, there was a post concerning certificate authentication:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Client-Certificate-Authentication-td3353759.html
Regards,
Tom
2011/4/15 J. Webster webster_j...@hotmail.com:
Is there a way to generate authentication certificates for
Hi
Sometimes, I get the squidaio_queue_request: WARNING - Queue
congestion-message in the cache.log.
On the output of squidclient mgr:squidaio_counts there is an entry
queue. Sometimes, this values increase to 1 oder 2.
My question hereby:
How many queue-entries must be fulfilled, until the
Hi
Is my scenario in general possible to implement (connect directly, if
the one and only cache_peer fails)?
Thanks a lot.
Tom
2011/2/17 Tom Tux tomtu...@gmail.com:
Hi Amos
This doesn't work as expected. I removed the never_direct entry (I
was unsure, how strong it is in the configuration
Hi
I'm trying to configure Squid (3.1.9) to connect directly, if the one
and only cache_peer (parent) fails:
cache_peer xx.xx.xx.xx parent 80800 no-query
no-digest default connect-fail-limit=5
prefer_direct off
never_direct allow all
But squid will never connect directly,
Hi
You just have to install the openldap2-devel-package from the
SLES11-SP1-SDK-DVD:
zypper install openldap2-devel
Then you should be able to compile squid.
Regards,
Tom
2011/2/8 Chad Naugle chad.nau...@travimp.com:
I have not attempted to install DVD2 yet personally, but there is a
chance
Hi
Is there a squid-snmp-oid or a squidclient-option to get the following
values (since startup of squid or since creation of cache_dirs)?
- tcp_miss
- tcp_hit
- tcp_mem_hit
If not, how can I determine these values?
Thanks a lot.
Tom
Hi
If you use authentication-mechanism like Kerberos or NTLM
(http://wiki.squid-cache.org/ConfigExamples/Authenticate/Kerberos) you
can see the username in the access.log. But it's necessary to register
the squid-box with a computer-account in your active-directory.
Regards,
Tom
2010/12/20 Mr
/Windows 2003 .
Markus
Tom Tux tomtu...@gmail.com wrote in message
news:aanlktinyjgcwbo_itjqfaa2kes6gqz0nyyqx=xzu5...@mail.gmail.com...
Hi Markus
In the meantime, the klist -etk /etc/krb5.keytab have AES entries:
AES-128 CTS mode with 96-bit SHA-1 HMAC
AES-256 CTS mode with 96-bit SHA-1 HMAC
.
Is it true, that always the strongest key (in this case probably aes-256) wins?
Tom
2010/12/9 Amos Jeffries squ...@treenet.co.nz:
On 09/12/10 19:43, Tom Tux wrote:
Hi
We moved our W2K3-Domaincontrollers to W2K8-DC's. The active-directory
operational mode is still 2003.
We're using kerberos
:
Hi Tom,
What does klist -ekt squid.keytab show ? Does it have an entry for AES ?
Did you use --enctypes 28 with msktutil as described here
http://wiki.squid-cache.org/ConfigExamples/Authenticate/Kerberos#Create_keytab
?
Markus
Tom Tux tomtu...@gmail.com wrote in message
Hi
We moved our W2K3-Domaincontrollers to W2K8-DC's. The active-directory
operational mode is still 2003.
We're using kerberos-authentication against the active-directory.
Nightly runs the msktutil --auto-update on the squid-proxy. One day,
this updated the computer-account and added the new
Hi
Have a look to ufdbguard:
http://www.urlfilterdb.com/
Regards,
Tom
2010/11/10 Tóth Tibor Péter tibor.peter.t...@mtv.hu:
Hi!
Is there a way to deny access to sites containing certain words?
I'm thinking aoubt a wordlist or something?
If possible, I would like to redirect these
Hi
I have servers, which needs to connect to microsoft.com with a POST-request:
xx,xx.xx.xx NONE/417 4362 POST http://go.microsoft.com/fwlink/? -
NONE/- text/html
This POST-request will fail (417-error), until I configure
ignore_expect_100 on in squid.conf (using squid 3.1.6).
Are there known
Hi
I have servers, which needs to connect to microsoft.com with a
POST-request. This POST-request will fail (417-error), until I
configure ignore_expect_100 on in squid.conf (using squid 3.1.6).
Are there known problems / issues, with enabling the parameter
ignore_expect_100? Could this be a
because you're just disallowing the CONNECT method (not the same as the GET
method) using non-ssl ports otherwise. There's nothing talking about allowing
it.
I think that's right
Nick
On 27 Aug 2010, at 10:09, Tom Tux tomtu...@gmail.com wrote:
Hi Amos
Thanks a lot
Amos,
It's 3.1.6 installed on a 64bit linux.
2010/8/27 Amos Jeffries squ...@treenet.co.nz:
Tom Tux wrote:
Hi
When I allocate for instance 2 GB cache_mem, then the
squidclient-output seems wrong:
squidy:/ # grep -i cache_mem /etc/squid/squid.conf
cache_mem 2048 MB
squidy:/tmp
Hi
For every HTTPS-Site I have the following tcp_denied/407-entry in the
access.log:
282895826.492 1 xx.xx.xx.xx TCP_DENIED/407 3720 CONNECT
mail.google.com:443 - NONE/- text/html
1282896033.320 1 xx.xx.xx.xx TCP_DENIED/407 3744 CONNECT
secure-www.novell.com:443 - NONE/- text/html
The
2010/8/27 Amos Jeffries squ...@treenet.co.nz:
Tom Tux wrote:
Hi
For every HTTPS-Site I have the following tcp_denied/407-entry in the
access.log:
282895826.492 1 xx.xx.xx.xx TCP_DENIED/407 3720 CONNECT
mail.google.com:443 - NONE/- text/html
1282896033.320 1 xx.xx.xx.xx TCP_DENIED
Hi
I recognised, that for some Java-Applets
(http://java.sun.com/applets/jdk/1.4/demo/applets/BarChart/example1.html)
I got TCP_DENIED/407-errors in the access.log. Depending on the
browser, I got an authentication window or a simple java-error (a x
in the browser-window).
I searched the forum
Hi
When I allocate for instance 2 GB cache_mem, then the
squidclient-output seems wrong:
squidy:/ # grep -i cache_mem /etc/squid/squid.conf
cache_mem 2048 MB
squidy:/tmp # squidclient mgr:con...@something | grep -i cache_mem
cache_mem -2147483648 bytes
When I associate 4 GB, then the
Firefox/3.6.8
So, with FF, there's nothing visible which contains Java. It seems,
that's the reason, why this won't work with FF.
Regards
Tom
2010/8/26 Nick Cairncross nick.cairncr...@condenast.co.uk:
Tom,
What does useragent.log say when you use FF?
Nick
On 26/08/2010 09:27, Tom Tux tomtu
Hi
In my access.log I have some TCP_DENIED/407-messages like the
following (from different sites):
1282649791.425 0 xx.xx.xx.xx TCP_DENIED/407 4406 GET
http://wiki.squid-cache.org/wiki/squidtheme/css/projection.css -
NONE/- text/html
What does this means? The site is accessible correctly.
with squid_kerb_ldap to
get ad-groups AND squid_ldap_auth with a memberOf-filter) running?
Thanks a lot.
Regards,
Tom
2010/8/11 Amos Jeffries squ...@treenet.co.nz:
Tom Tux wrote:
Hi Amos
Thanks a lot for this explanation. Both configurations seperately -
native kerberos and native ldap - are working fine
With this configuration, I'm able to access with kerberos, but never
with ldap. I always got a access denied. What directives do I have
to change/add, to get both accesses (kerberos ldap)?
Thanks a lot.
Tom
2010/8/10 Amos Jeffries squ...@treenet.co.nz:
Tom Tux wrote:
Hi Markus
Thank you.
So, do you know, how I
Hi
I've installed squid 3.1.6 on a linux box with compile-options
--disable-ipv6. The same options, I have on a 3.1.3er-box.
With the new 3.1.6er box, I'm not able to connect SSL-sites. In the
cache.log, I have the following entry:
2010/08/09 11:26:58| comm_open: socket failure: (97) Address
Hi
I solved this problem with activating ipv6-support on the network-interfaces.
Regards,
Tom
2010/8/9 Tom Tux tomtu...@gmail.com:
Hi
I've installed squid 3.1.6 on a linux box with compile-options
--disable-ipv6. The same options, I have on a 3.1.3er-box.
With the new 3.1.6er box, I'm
Hi
I've implemented a native kerberos-authentication with squid_kerb_auth
and squid_kerb_ldap to query ad-group-memberships. This works fine.
I'm trying to implement a fallback-mechanism with squid_ldap_auth.
But the squid_ldap_auth-fallback is not working. My config looks like this:
auth_param
not replace squid_ldap_auth
Markus
Tom Tux tomtu...@gmail.com wrote in message
news:aanlktimybsvmrsy7a7mhbaazvfv63wdfux1i5wd6t...@mail.gmail.com...
Hi
I've implemented a native kerberos-authentication with squid_kerb_auth
and squid_kerb_ldap to query ad-group-memberships. This works fine
version do you use ? The latest squid_kerb_ldap version has a -D
option to define a default Kerberos domain for usernames without domain
info.
/usr/local/squid_kerb_ldap/bin/squid_kerb_ldap -d -g Internet Users -D
Kerberos-Domain
Regards
Markus
- Original Message - From: Tom Tux tomtu
Hi
I'm searching a way to authenticate IE6-clients with ntlm based on
group-membership and all other clients (IE7, IE8) with kerberos (also
group-membership-based).
I'm able to authenticate with kerberos AND group-membership
(squid_kerb_ldap), but the IE6-clients will then prompt for the
or just lock and unlock the PC
which would have refreshed the cache.
Regards
Markus
Tom Tux tomtu...@gmail.com wrote in message
news:aanlktiljgrnzru9wxivap0tj22onxaknjanbczlvs...@mail.gmail.com...
Hi Markus
This problem is solved now. I rebootet the client, which results in
clearing
days. The
proxy will request new tickets for the ldap authentication, but uses a
memory cache which you can not access.
Regards
Markus
Tom Tux tomtu...@gmail.com wrote in message
news:aanlktikqgflht3qy1hpgplvk7z5jueutwdk-bod0f...@mail.gmail.com...
Hi Markus
Is it necessary to renew
Hi Markus
This problem is solved now. I rebootet the client, which results in
clearing the client-kerberos cache. Now I'm able to authenticate and I
can use the squid_kerb_ldap-helper.
Thanks a lot for your hints.
Regards
Tom
2010/7/1 Tom Tux tomtu...@gmail.com:
Hi Markus
Thank you.
So
Hi
I've found several documents describing that IE6 SP1 doesn't support
kerberos-authentication and other documents like
http://support.microsoft.com/kb/299838 which describes a solution, how
I can enable the kerberos-authentication in IE6.
I've enabled it and rebootet the client, but I'm not
VMware Professional Partner
Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY
Tel. : +39.011.9530135 Fax. : +39.011.9781115
Email: guido.seras...@acmeconsulting.it
WWW: http://www.acmeconsulting.it
-Messaggio originale-
Da: Tom Tux [mailto:tomtu
)
Markus
Tom Tux tomtu...@gmail.com wrote in message
news:aanlktimytn03x2zov8afj4_3plnuq9fea0iwwwddh...@mail.gmail.com...
Hi Markus
Here is the output:
-- snip ---
proxy-test-01:/usr/local/mskutil-0.4/sbin # ./msktutil -c -s
HTTP/proxy-test-01.xx.yy -h
Hi
I'm trying to authenticate our clients with squid_kerb_ldap against
our ad. There exists a global-group called Internet. My squid.conf
looks like this:
auth_param negotiate program /usr/local/squid/libexec/squid_kerb_auth -i
auth_param negotiate children 10
auth_param negotiate keep_alive on
on SLES11 (against Windows 2003 R2
Active Directory).
Regards
Markus
Tom Tux tomtu...@gmail.com wrote in message
news:aanlktikv8uvkdz0kyuaf_t2ybgri9ycrol4dmf6mv...@mail.gmail.com...
Hi Markus
I took a new version of msktutil from their git-repository
(http://repo.or.cz/w/msktutil.git
host/proxy-test-01.xx...@xx.yy
2010/06/30 09:45:48| squid_kerb_ldap: Error while initialising credentials
from keytab : Client not found in Kerberos database
Regards
Markus
Tom Tux tomtu...@gmail.com wrote in message
news:aanlktilz_wefjeu1bmnpsgvnhahte6rjmr6bja-uu...@mail.gmail.com...
Hi
-controller on port 389 (instead of 636).
Could the problem be a missing library? Did someone run this tool
successfully on sles11?
2010/6/29 Henrik Nordström hen...@henriknordstrom.net:
tis 2010-06-29 klockan 07:39 +0200 skrev Tom Tux:
The computer-account already exists in the ad (joined
Hi
I'm trying to generate a computer-account with msktutil:
I got the following error:
...
...
- ldap_connect: Connecting to LDAP server: dc1.domain.com try_tls=YES
SASL/GSSAPI authentication started
SASL username: ad...@domain.com
SASL SSF: 0
Error: ldap_set_option (option=) failed (Can't
which ldap-libraries should be installed?
The following devel-packages are installed (SLES11-System):
- openldap2-devel
- cyrus-sasl-devel
2010/6/28 Nick Cairncross nick.cairncr...@condenast.co.uk:
Missing ldap libraries maybe?
On 28/06/2010 12:32, Tom Tux tomtu...@gmail.com wrote:
Hi
this works. I'm also able to telnet with tcp 636 (ldaps).
I'm just searching for a solution to kerberise squid without the need
of winbind/smb.
2010/6/28 Nick Cairncross nick.cairncr...@condenast.co.uk:
They seem ok.
Telnet to your dc on 389?
On 28/06/2010 14:40, Tom Tux tomtu
Moeller hua...@moeller.plus.com:
Can you post the whole output of msktutil with --verbose please. If msktutil
fails with TLS on port 389 it will try again without TLS.
Regards
Markus
Tom Tux tomtu...@gmail.com wrote in message
news:aanlktil1fhq5ks3nx8mostkic2qoacz1xpmp6wh6r...@mail.gmail.com
-authentication works without user-interaction (no prompt
for username/password)?
Kind regards,
Tom
2010/6/24 Jorge Armando Medina jmed...@e-compugraf.com:
Tom Tux wrote:
I didn't configured kerberos-helper like squid_kerb_auth. I'm just
using ntlm_auth. So why do I have this message?
If you
perhaps it's blocked because of EPSV (extended passive ftp). Try to
disable EPSV in squid.conf with ftp_epsv off.
regards
tom
2010/6/25 John Doe jd...@yahoo.com:
From: Malik Madni m4madnima...@hotmail.com
i want to access ftp through command prompt. but it is blocked by squid.
when i tried it
) with plain kerberos?
Thanks a lot.
Regards,
Tom
2010/6/25 Amos Jeffries squ...@treenet.co.nz:
Tom Tux wrote:
Hi Jorge
Is it possible to have ad-group-permissions with kerb_auth like I can
do it with ntlm_auth?
What are the disadvantages using ntlm_auth?
* Weak security algorithms. Which
Hi
With the following acl
acl ALLOWED_HOSTS src /etc/squid/Allowed_hosts
I set a list of hosts, which should be able, to get webaccess without
passing the url_rewrite_program. I read, that I can use the
url_rewrite_access-directive to make a kind of bypassing the
redirector.
How do I have to
I didn't configured kerberos-helper like squid_kerb_auth. I'm just
using ntlm_auth. So why do I have this message?
2010/6/24 Amos Jeffries squ...@treenet.co.nz:
On Wed, 23 Jun 2010 09:28:38 +0200, Tom Tux tomtu...@gmail.com wrote:
Hi
A few days ago, I already wrote a post concerning
, that websites, called from
the host listed in the file Allowed_hosts, are blocked. So this host
isn't bypassing the redirector.
Thanks.
Tom
2010/6/24 Amos Jeffries squ...@treenet.co.nz:
Tom Tux wrote:
Hi
With the following acl
acl ALLOWED_HOSTS src /etc/squid/Allowed_hosts
I set a list
Hi
A few days ago, I already wrote a post concerning the following
messages in the cache.log (squid 3.1.3):
[2010/06/23 09:13:46, 1] libsmb/ntlmssp.c:335(ntlmssp_update)
got NTLMSSP command 3, expected 1
[2010/06/23 09:13:46, 1] libsmb/ntlmssp.c:335(ntlmssp_update)
got NTLMSSP command 3,
Hi
I've configured squid to use NTLM with an W2K3-Active-Directory. It
works fine. Butrarely, I got the following error in the cache.log:
[2010/06/18 13:38:02, 1] libsmb/ntlmssp.c:335(ntlmssp_update)
got NTLMSSP command 3, expected 1
It is samba-winbind-3.4.3-1.17.2 installed. I've
Hi Henrik
Thank you for this hint. I put the directive ftp_epsv off in my
squid.conf; now it's working as expected.
Regards,
Tom
2010/6/10 Henrik Nordström hen...@henriknordstrom.net:
tor 2010-06-10 klockan 10:29 +0200 skrev Tom Tux:
Hi
With Squid 3.1.3, I'm not able to connect a ftp-site (ex
Hi
With Squid 3.1.3, I'm not able to connect a ftp-site (ex.
ftp://ftp.gnu.org/). The squid-process tries to connect the ftp-server
with a dynamic port (not tcp 21). This will be blocked through our
firewall:
tcp0 1 squidproxy:37656ftp.gnu.org:64789 SYN_SENT
106
/ user1 DIRECT/140.186.70.20 text/html
Thanks.
Tom
2010/6/10 Amos Jeffries squ...@treenet.co.nz:
Tom Tux wrote:
Hi
With Squid 3.1.3, I'm not able to connect a ftp-site (ex.
ftp://ftp.gnu.org/). The squid-process tries to connect the ftp-server
Error message generated by the failure please
I compiled squid 3.1.3 on a 2.6.27-kernel. There I have the same
problems. I still cannot access the ftp-server (ftp://ftp.gnu.org) or
ftp://ftp.novell.com. With the old one (3.0.Stable23), it's working.
2010/6/10 Tom Tux tomtu...@gmail.com:
I'm using kernel 2.6.32. I read, that there's
Hi
I've implemented a NTLM-authentication against a w2k3-domain.
Everything seems to work, but I've a lot of TCP_DENIED/407-errors in
my squid-access-log. Is this normal or what could be wrong here? Why
do I have so many TCP_DENIED/407 although every page is accessible?
Thanks a lot.
Tom
Hi
I'm trying to authenticate our squid-proxy against a w2k3-dc with
winbind and with the helper-protocol: squid-2.5-ntlmssp.
/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
--require-membership-of=S-1-5-21-1957994488-688789844-1417001333-13571
I got the following error:
username password
With the parameter -c [seconds] (on the ldap-helper), I can specify,
how long the first domain-controller should tried to be contacted,
before the second one will tried to reach.
Regards,
Tom
2010/2/5 Tom Tux tomtu...@gmail.com:
I can provide more than one server, but if the first one
Hi all,
I'm authentication with the ldap-helper squid_ldap_auth against an
active directory. I can specify two credentials-ttls:
One is possible in the auth_param-directive:
auth_param basic credentialsttl 2 hour
The other one looks like this:
authenticate_ttl 1 hour
What is the difference
Hi
I have trouble with authentication some ad-users, which containing a
_ (underscore) in their username. The helper will always deny such
requests. Users containing no underscore in their username are
authenticated successfully.
Any hints?
Thanks a lot.
Tom
Hi all,
Any hints about this question?
2010/1/11 Tom Tux tomtu...@gmail.com:
I configured our squid to authenticate with squid_ldap_auth
squid_ldap_group against an active-directory. With the parameter -h
[ip-address of domain-controller], I'm able to define one ore more of
our ldapservers
Hi all,
Any hints about this question?
Thanks a lot.
-- Forwarded message --
From: Tom Tux tomtu...@gmail.com
Date: 2010/1/11
Subject: squid_ldap_auth with two or more domain-controllers?
To: squid-users squid-users@squid-cache.org
I configured our squid to authenticate
I configured our squid to authenticate with squid_ldap_auth
squid_ldap_group against an active-directory. With the parameter -h
[ip-address of domain-controller], I'm able to define one ore more of
our ldapservers (domain-controllers) for querying. But the setting
with the specified failover-dc
79 matches
Mail list logo