m�n 2003-07-07 klockan 10.02 skrev James Wang: > What do you mean as you write "If the login is a plain attribute on the > users object and not what makes the users DN" ?
Each object (user, group, organization, computer, contact person, ...) in an LDAP directory is named by a DN. A DN indicate where in your LDAP directory tree the object is located, and ends with a unique name at that location (usually uid or cn). Each object then consists of a list of attributes giving the details of this object such as First Name, Surname, Password, Phone number, Address, .... The unique name mentioned above should be one of these attributes or else maintenance of your directory may become a bit ugly. If the login name is the attribute which makes the unique part of your users DN and all your users are placed in a flat structure with no subunits then no search filter is strictly required by squid_ldap_auth as it can then directly construct the users unique DN from the base dn plus the login name. If your users are not in a flat structure (i.e. if they are divided into different subtrees of your LDAP directory) or if you are using another attribute not used for the users DN as login name then a search filter (-f argument) must be used to locate the user object in your LDAP directory. -- Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org Please consult the Squid FAQ and other available documentation before asking Squid questions, and use the squid-users mailing-list when no answer can be found. Private support questions is only answered for a fee or as part of a commercial Squid support contract. If you need commercial Squid support or cost effective Squid and firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, [EMAIL PROTECTED]
