Good Morning!

I am relatively new to squid.  However, I have been reading over previous postings and 
have read through the man files a couple of times.

With that said, I am trying to do exactly what a lot of other people before me have 
done, authenticate a squid cache via a windows 2000 ldap server.

For the record, I am using a RedHat 9 install, with squid that was installed by 
default.  I believe it is 2.5Stable1.

Now, again with that said, I have successfully communicated with the ldap box with 
ldap search using the following syntax:

ldapsearch -x -h 192.168.0.123 -b dc=proteabhs,dc=com -D 
cn=squiduser,cn=Users,dc=proteabhs,dc=com -w *********

I have successfully communicated with squid_ldap_auth with the following syntax:

squid_ldap_auth -p -R -b dc=proteabhs,dc=com -D 
cn=squiduser,cn=Users,dc=proteabhs,dc=com -w ********* -f sAMAccount=%s 
objectClass=Person -h 192.168.0.123

I then type in a user name and a password and I receive the OK return.

Now, with that all out of the way, I have put the same syntax into my squid.conf file 
and when I try to browse the net, I do receive the login box, however, my password is 
never accepted.  It loops 3 times and then displays the default page stating that I 
must authenticate prior to accessing the page.

From reading the man page, I have noticed that I could try using the following syntax:
squid_ldap_auth -p -R -b dc=proteabhs,dc=com -D 
cn=squiduser,cn=Users,dc=proteabhs,dc=com -w ********** -f 
(&(sAMAccount=%s)(objectClass=Person)) -h 192.168.0.123
Notice the changes to (&(sAMAccount=%s)(objectClass=Person)).  I have tried this and 
it did not work.
I have also tried:
squid_ldap_auth -p -R -b "dc=proteabhs,dc=com" -D 
"cn=squiduser,cn=Users,dc=proteabhs,dc=com" -w "***********" -f 
(&(sAMAccount=%s)(objectClass=Person)) -h 192.168.0.123
which did not work.

I know from the command line, all is working fine.  It must be a syntax issue, however, 
from what I can tell I'm entering it all correctly.
Any help will be greatly appreciated.  I also have used a program called ldapbrowser 
to connect and view the ldap tree.  This too works just fine.

PS, please don't tell me to read the man pages <grin>, I have, over and over again.  

Christopher J. Joles
Chief Information Officer

PROTEA Behavioral Health Services
187 Exchange St.
Bangor, ME 04401
Phone: (207)992-7010 Ext: 245  Fax: (207)992-7011
