ldapsearch expects a single LDAP filter argument. The next argument is what data you want to have returned. To search for a object having both attribtues uid=vogels and cn=CAS_NU_Internetuser the filter becomes
(&(uid=vogels)(cn=CAS_NU_Internetuser)) However, this does not make sense as the group does not have uid=vogels.. uid=vogels belongs to the user object, while cn=CAS_NU_Internetuser belongs to the group object. To get a better understanding of how groups works in LDAP try these two searches: ldapsearch ... uid=vogels ldapsearch ... cn=CAS_NU_Internetuser and then compare the returned data, considering that the first is a user, the second a group with several users as members.. Regards Henrik ons 2003-04-02 klockan 15.43 skrev [EMAIL PROTECTED]: > I have used your syntax with the changed groupname: > > squid_ldap_group -b "o=cag" -f " > (&(cn=CAS_NU_Internetuser)(objectClass=groupOfNames)(member=%u))" -F " > (&(uid=%s)(objectClass=Person))" 172.25.0.19 > > Of cource I have tried ldapsearch on my Server, with: > ldapsearch -h 172.25.0.19 -p 389 uid="vogels" cn="CAS_NU_Internetuser" > as result I get: > CN=Stefan Vogel,OU=nu,OU=eu,OU=au,O=cag > what is correct for my name. The result is the entry that is in the > "member-field" of the group > Tests with other users are resulting in their names, even if they are not > in the group. > > May be I do not completely understand ldap :-( > > Regards > Stefan > > > > Henrik Nordstrom > <[EMAIL PROTECTED] > org> To > [EMAIL PROTECTED] > 02.04.2003 14:27 cc > [EMAIL PROTECTED] > Subject > Re: [squid-users] Authentification > against DominoNotes LDAP > > > > > > > > > > > Exacly what are you using now? > > Have you tried using the ldapsearch tool to gain an understanding of the > LDAP structure of your server? > > Regards > Henrik > > > ons 2003-04-02 klockan 13.53 skrev [EMAIL PROTECTED]: > > Hello, > > > > I have checked your syntax, but it still does not work. > > > > I have now renamed the group to "CAS_NU_Internetuser", so it now does not > > have any spaces anymore, but this is not still not working. > > > > When I start the script on the shell, I enter the Shortname (vogels) and > > the goupname (cas_nu_internetuser) seperated by a blank. As result I > > always get ERR. > > > > Any more ideas? > > Is there a way to see more detailed results, but ERR? > > > > Regards > > Stefan > > > > > > > > > > > Henrik Nordstrom > > > <[EMAIL PROTECTED] > > > org> > To > > [EMAIL PROTECTED] > > > 02.04.2003 11:45 > cc > > [EMAIL PROTECTED] > > > > Subject > > Re: [squid-users] Authentification > > > against DominoNotes LDAP > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ons 2003-04-02 klockan 09.56 skrev [EMAIL PROTECTED]: > > > Thanks, it didn't install correctly, but now I found it in the > > > sourcedirectory. > > > > > > Nevertheless I did not get it working. > > > I have a group called "Internetuser NU" and a basedn "o=cag" > > > I have tried > > > squid_ldap_group -b "o=cag" -f "Internetuser NU" -F uid=%s 172.25.0.19 > > > > > > The above -f argument is not a valid LDAP filter specification... > > > > Try this > > > > squid_ldap_group -b "o=cag" -f "(&(cn=Internetuser > > NU)(objectClass=groupOfNames)(member=%u))" -F > > "(&(uid=%s)(objectClass=Person))" 172.25.0.19 > > > > > > -- > > Henrik Nordstrom <[EMAIL PROTECTED]> > > MARA Systems AB, Sweden > > > > > -- > Henrik Nordstrom <[EMAIL PROTECTED]> > MARA Systems AB, Sweden > > -- Henrik Nordstrom <[EMAIL PROTECTED]> MARA Systems AB, Sweden
