I am trying to set up internet user access via ldap authentication and squid. I have set up 2 groups in an ldap server one called test-allow one called test-deny . Each group has one test user in it. The ldap server is a Windows box. My test squid proxy is a Solaris 8 box. My squid.conf on the Solaris box reads:
auth_param basic program /usr/local/squid/libexec/squid_ldap_auth -b DC=vcn,DC=ds,DC=volvo,DC=net -f uid=%s -D cn=inetaccess01,ou=Service Accounts,ou=gso,ou=it,DC=vcn,DC=ds,DC=volvo,DC=net -w password -h ldapserver auth_param basic children 5 auth_param basic realm squidbox proxy-caching web server auth_param basic credentialsttl 2 hours acl ldapauth proxy_auth REQUIRED http_access allow ldapauth external_acl_type inetaccess01 %LOGIN /usr/local/squid/libexec/squid_ldap_group -b DC=vcn,DC=ds,DC=volvo,DC=net -f "(&(uid=%v)(cn=%a))" -D inetaccess01 -w password -h ldapserver acl test-allow external inetaccess01 Testing http_access allow test-allow I get the following errors in the cache.log 2003/06/24 12:03:19| helperOpenServers: Starting 5 'squid_ldap_auth' processes 2003/06/24 12:03:21| helperOpenServers: Starting 5 'squid_ldap_group' processes 2003/06/24 12:03:21| Accepting HTTP connections at 0.0.0.0, port 80, FD 8. 2003/06/24 12:03:21| WCCP Disabled. 2003/06/24 12:03:21| Loaded Icons. 2003/06/24 12:03:21| Ready to serve requests. squid_ldap_auth: WARNING, LDAP search error 'Timelimit exceeded' squid_ldap_auth: WARNING, LDAP search error 'Timelimit exceeded' squid_ldap_auth: WARNING, LDAP search error 'Timelimit exceeded' Anyone got any ideas of what I am doing wrong? squid_ldap_match doesnt seem to help me much. Regards John Clark
