Dear Henrik, I tried this and it seems I have the complete output information to be debugged.
I gave this one: ############### ldapsearch -h 192.168.2.2 -vx -D CN=Administrator,CN=Users,DC=hov,DC=butanegroup,DC=COM -w XXXXXXXX -b dc=hov,dc=butanegroup,dc=com > Output ############### And then I checked the response of LDAP in Output file and I found these about my users: ################################################### # Hamed Majnoonian, Users, hov.butanegroup.com dn: CN=Hamed Majnoonian,CN=Users,DC=hov,DC=butanegroup,DC=com memberOf: CN=Internet,CN=Users,DC=hov,DC=butanegroup,DC=com accountExpires: 9223372036854775807 badPasswordTime: 0 badPwdCount: 0 codePage: 0 cn: Hamed Majnoonian countryCode: 0 description: XXXXXXXXXXXXXXXXXXXXXX displayName: Hamed Majnoonian givenName: Hamed instanceType: 4 lastLogoff: 0 lastLogon: 0 logonCount: 0 distinguishedName: CN=Hamed Majnoonian,CN=Users,DC=hov,DC=butanegroup,DC=com objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=hov,DC=butanegroup,DC com objectClass: top objectClass: person objectClass: organizationalPerson objectClass: user objectGUID:: uslzjQi0IUim/XdZpf0OaQ== objectSid:: AQUAAAAAAAUVAAAA/ibGSOsleSxDFwoy0QQAAA== physicalDeliveryOfficeName: Butane Group primaryGroupID: 513 pwdLastSet: 127183052515950126 name: Hamed Majnoonian sAMAccountName: sharpknifeedge sAMAccountType: 805306368 sn: Majnoonian telephoneNumber: XXXXXXXXXXXXXXXXXX userAccountControl: 66048 userPrincipalName: XXXXXXXXXXXXXXXXXXXXXX uSNChanged: 1731100 uSNCreated: 1730978 whenChanged: 20040111163815.0Z whenCreated: 20040111143411.0Z ########################################## The above is a sample of my ID in the AD ... So the question is how can I tell my squid_ldap_auth to check this speficifc username when it wants to check the password with AD ? Thank you again Hamed -----Original Message----- From: Henrik Nordstrom [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 14, 2004 9:23 PM To: Hamed Majnoonian Cc: Henrik Nordstrom; [EMAIL PROTECTED] Subject: [squid-users] Re: ldapseach argument and the result of LDAP machine! On Wed, 14 Jan 2004, Hamed Majnoonian wrote: > ############################################ > > The question is, is it looks good? No. From what I can tell that only contained a few public entries added by your DNS server, nothing about your users. > The second question is I am still trying to tell squid_ldap_auth to ask > my LDAP with this argument: > > /squid_ldap_auth -h 192.168.2.2 -b dc=hov,dc=butanegroup,dc=com -f -u > sharpknifeedge -D dc=hov,dc=butanegroup,dc=com The -D option is not correct, and needs a -W (or -w) option. The -D option MUST specify a correct DN of one of the users in your directory. As indicated earlier the DN of Administrator should be something like: CN=Administrator,CN=Users,DC=juno,DC=hov,DC=butanegroup,DC=com Regards Henrik
