On Friday 28 February 2003 08.10, [EMAIL PROTECTED] wrote: > ldapsearch -h ldap.some.org.au -b > "cn=proxygrp,ou=groups,dc=some,dc=org,dc=au,o=Internet" > "member=cn=user1,ou=people,dc=some,dc=org,dc=au,o=Internet" > > prints all users in proxygrp, as does:
It should. All the search is interested in is if there is a group where this user is member. To make the search more obvious when testing, only ask for the DN attribute to be returned (just add "dn" after the search filter). > -b on squid_ldap_group does not seem to have an "%" substitution to > add the group name and including a filter for group and the filter > doesn't work any of the ways I have tried it- > /usr/local/squid/libexec/squid_ldap_group -h > ldap://ldap.some.org.au -D "cn=admin,o=Internet" -w "password" -b > "ou=groups,dc=some,dc=org,dc=au,o=Internet" -f > "(&(cn=%g)("member=cn=%u,ou=people,dc=some,dc=org,dc=au,o=Internet" >))" Looks correct to me, assuming you are using squid_ldap_group from a nightly snaptshot. What does ldapsearch return for the same filter? Hmm.. not sure -h accepts ldap URIs, but it most likely do not.. try using just the hostname. Regards Henrik
