Hello, no one here replied to my question :-( , but for the sake of completeness, here the working config:
/usr/lib64/squid/squid_ldap_group -R -K -b "dc=domain,dc=local" -D administrator -w "AdminPW" \ -f "(&(objectclass=person)(sAMAccountName=%v) \ (memberof=cn=%g,ou=UserGroups,dc=domain,dc=local))" -h domaincontroller Von: [email protected] [mailto:[email protected]] Im Auftrag von Fuhrmann, Marcel Gesendet: Mittwoch, 30. Januar 2013 16:41 An: [email protected] Betreff: problem with ldap group check in squid Hello, i'm trying to to configure squid to use a ldap (ADS 2008) group check to give access to the internet. The squid mailing list couldn't help me. Maybe you can. /usr/lib64/squid/squid_ldap_group -d -v3 -b 'ou=OU3,ou=OU2,ou=OU1,dc=DOMAIN,dc=LOCAL' -f \ '(&(sAMAccountName=%v)(memberOf=cn=%a,ou=USERGRUPPEN,dc=DOMAIN,dc=LOCAL))' -D cn=LDAP,cn=USERS,dc=DOMAIN,dc=LOCAL \ -w PASSWORT -h DOMAINCONTROLLER testuser internet Connected OK group filter '(&(sAMAccountName=testuser) (memberOf=cn=internet,ou=USERGROUPS,dc=DOMAIN,dc=LOCAL))', searchbase 'ou=OU3,ou=OU2,ou=OU1,dc=DOMAIN,dc=LOCAL' ERR The user TESTUSER is in OU3. The group INTERNET is in a OU called USERGROUPS. TESTUSER is member of INTERNET. But it doesn't work. Can somebody give me advice? Thanks a lot -- Marcel
