Tomas Palfi wrote: > ./squid_ldap_auth -u cn -b ou="Focus Group",ou="Retail > Users",ou=Sales,dc=proton,dc=phoenix,dc=co,dc=uk ldapserver > > this works fine even with the nested ou's within the parent director
Good, but I must say your base DN looks a bit odd to me... > however, it doesn't check for any valid groups!! It should not. squid_ldap_auth does not care about groups. > external_acl_type access %LOGIN /data/test/libexec/squid_ldap_group -b ou='Focus > Group',ou='Retail Users',ou=Sales,dc=proton,dc=phoenix,dc=co,dc=uk -f > (&(cn=%g)(member=%u)(objectClass=groupOfNames)) -F > (&(uid=%s)(objectClass=organizationalPerson)) -h ldapserver Hmm.. this does not match your squid_ldap_auth line above. In your suqid_ldap_auth line you are using cn as login name, but here you are using uid. The two cannot ever match. Regards Henrik
