Hola!
He montado a Samba+Ldap para que me funcione como PDC y hasta todo va bien .
Ahora le he puesto squid para el acceso a internet a los clientes y he querido
que estos se autentifiquen contra mi Ldap pero al pedirme la clave y password
se la pongo pero me dice como si no existiera, es decir, vuelve y me la pide y
no me permite navegar.
Mi configuración de Squid es esta:
#==http_port 3128cache_mem 32
MBcache_swap_low 90cache_swap_high 95maximum_object_size 8192 KBipcache_size
2048ipcache_low 90ipcache_high 95fqdncache_size 2048cache_dir ufs
/var/spool/squid 2000 16 256cache_access_log /var/log/squid/access.logcache_log
/var/log/squid/cache.logcache_store_log /var/log/squid/store.loghosts_file
/etc/hosts##redirect_program /usr/bin/squidGuard
icon_directory /usr/share/squid/iconsshort_icon_urls onerror_directory
/usr/share/squid/errors/Spanishcoredump_dir
/var/spool/squid#=
#Recommended minimum configuration:acl all src allacl manager proto
cache_objectacl localhost src 127.0.0.1/32acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 # httpsacl SSL_ports port 563 #
snewsacl SSL_ports port 873 # rsyncacl Safe_ports port 80 #
httpacl Safe_ports port 21 # ftpacl Safe_ports port 443 #
httpsacl Safe_ports port 70 # gopheracl Safe_ports port 210 #
waisacl Safe_ports port 1025-65535 # unregistered portsacl Safe_ports port 280
# http-mgmtacl Safe_ports port 488 # gss-httpacl Safe_ports
port 591 # filemakeracl Safe_ports port 777 # multiling httpacl
Safe_ports port 631 # cupsacl Safe_ports port 873 # rsyncacl
Safe_ports port 901 # SWATacl purge method PURGEacl CONNECT method
CONNECT
#===auth_param
basic program /usr/lib/squid/ldap_auth -v 3 -b dc=jq,dc=org -f uid=%s
127.0.0.1auth_param basic realm Para loguearse entre Usuario+Passwordauth_param
basic children 10auth_param basic credentialsttl 1 hours
#===LdapGroups==
external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group -v 3 -b
ou=internet,dc=jq,dc=org -f ((cn=%g)(memberUid=%v)) -h 127.0.0.1
acl ldap-auth proxy_auth REQUIREDhttp_access deny !ldap-auth
acl ldapgroup-enabled external ldap_group internetdeny_info denied-ldapenabled
ldapgroup-enabled
http_access deny !ldapgroup-enabledhttp_access deny all
*---*
*-Edwin Quijada
*-Developer DataBase
*-JQ Microsistemas
*-Soporte PostgreSQL
*-www.jqmicrosistemas.com
*-809-849-8087
*---*