Hello Rick,
I went back and double checked my notes. squid_ldap_auth expect the following input.
echo "userPassword: <password>" | <path>/squid_ldap_auth -h <ldap server> -p <port> -P -b <ldap root> -f "uid=<user ID>"
You may have other options for squid_ldap_auth than what I use. Like "-x" for example.
This should help though.
Tim
----------------------------------------------------------- Timothy E. Neto Computer Systems Engineer Komatsu Canada Limited Ph#: 905-625-6292 x265 1725B Sismet Road Fax: 905-625-6348 Mississauga, Canada E-Mail: [EMAIL PROTECTED] L4W 1P9 -----------------------------------------------------------
Rick Whitley wrote:
Thanks for the tip, but I can't seem to make it work. I know that the id and password are correct because I use them from another system (radius) to authenticate via ldap. Here is what I am getting:
proxy2:echo "ctdlaptop f0ulb3ast" | /usr/local/squid/libexec/squid_ldap_auth -b "ou=academics,o=dbu" -D "cn=LDAPUser,ou=users,o=dbu" -w "n0neshall" -h 10.5.10.215 /usr/local/squid/libexec/squid_ldap_auth: line 1: ctdlaptop: command not found
I'm confused!
rick... Rom.5:8
Tim Neto <[EMAIL PROTECTED]> 7/28/2004 8:03:12 AM >>>
A little trick not in the man pages or the docs.
When testing squid_ldap_auth or squid_ldap_group from the unix (Linux)
shell, you must pipe the username and password information into the program. This is what Squid itself does. This stumped me for a bit early on.
echo "<username> <password>" | squid_ldap_auth -options...
Otherwise, when testing all you will get is "ERR".
Tim
----------------------------------------------------------- Timothy E. Neto Computer Systems Engineer Komatsu Canada Limited Ph#: 905-625-6292 x265 1725B Sismet Road Fax: 905-625-6348 Mississauga, Canada E-Mail: [EMAIL PROTECTED] L4W 1P9 -----------------------------------------------------------
Rick Whitley wrote:
I got ldapsearch to work. I used the -x option to use a simple bind.of
Amazing how much you find out when you read "all" the options instead
stopping at the first one you need. Thanks for all the responses. NowI
getknow that squid can communicate with ldap, but I still can't get a response from squid_ldap_auth. Here is my request:
squid_ldap_auth -b "ou=academics,o=dbu" -f "cn=whitleyr" -u cn -D "cn=LDAPUser,ou=users,o=dbu" -w "n0neshall" -h 10.5.10.215
When I execute this request nothing happens, if I hit enter again I
ERR. I have looked at the man pages for squid_ldap_auth but I don'tsee
anything wrong with my request. I need other eyes to take a look atit.
thanks for your time.
rick... Rom.5:8
Henrik Nordstrom <[EMAIL PROTECTED]> 7/27/2004 5:24:30 PM >>>
On Tue, 27 Jul 2004, Rick Whitley wrote:
Thanks for the info. When I run ldapsearch I get the following
message:
SASL/EXTERNAL authentication started
ldap_sasl_interactive_bind_s: unknown authentication method (86)
additional info: SASL(-4): no mechanism available:
man ldapsearch, look for sasl.
(-x option)
Regards Henrik
