Hello squid users, im trying to figure out how the squid_ldap_auth and squid_ldap_group stuff works, and im kinda new to ldap. i like to setup and understand a very basic setup.
i read through a number of postings on the list, and also some webpages, for example: <http://workaround.org/moin/SquidLdap> just a few users in different groups, and wanting to allow certain users http access: my problem of understanding is basically, if i have a simple company (ldap tree) like on that page, with three groups, it-services, sales and management, how do i create a group that is allowed to surf the google pages. i somehow cant figure out what the ldap tree is going to look like then? also do i need to use both the squid_ldap_auth and squid_ldap_group (most of the postings i found, indicate so, but i dont understand why, as both squid_ldap_auth and squid_ldap_group both authenticate themselves to the ldap server) i dont quite understand what the author of the page means by > A group is just a list of dinstiguished names any hints? how does the squid_ldap_group program actually check if the user that is http-authenticating against the squid belongs to this set of distinguished names? do i need to add the users tim and tina somehow to the ldap tree in cn=googleallowed,ou=Proxygroups,o=Company? what does the ldap tree look like as whole for this example from that page? Thanks for helping to figure it out. Best regards.
