SquidGuard LDAP authentication with Active Directory
 

Hello guys!

I'm having a problem with squidguard filter with AD authentication.

I have downloaded the latest stable source package from squidguard site and I followed the instructions for the ldap(AD) authentication but it does not work at all.

I have googled and tried everything but no luck. (first 30 hits on google) ;)

Anyway this is the LDAP auth part: http://www.squidguard.org/Doc/authentication.html at squidguard and this is how to build the package: http://www.squidguard.org/Doc/ldap.html

The squidguard says: when I put the command into the squidguard.conf file.

Otherwise it works well and filter the sites and everything as it should.
When I builded the package with the configure command (--with-ldap=yes)it said that: so it definitelly built in already.
So I really don't understand why it does not recognise the ldapusersearch command at all.

If someone has a suggestion or anything please let me know.

Thanks guys!

Well at least I know that the build version does not recognise ldap at all.

First I erased all the versions of the squidguard with yum.
Then I rebuild the package from zero.

This new builds does not know ldap at all. But it says ldap-support=yes when I made the package with the configure command.

It starts complain straight away at the first line of the ldap part when I start the squidguard.

Same thing as with the another package. Syntax error at line 7. "ldapbinddn"
If I'll know more I'll let you know guys what was wrong.

Finally I got it worked.

The problem was laid out at the package management.
Even I tried to remove the squidguard rpm(s) it didn’t worked properly.

I have built the new squidguard from zero, on a different machine and it worked straight away.

I’m going to make a tutorial about this, how to install and configure the whole lot.
Right now I can manage users from the Active Directory in Windows 2008 with squid/squidguard!!

The squid and the squidguard are authenticated through the AD.
If the user is not in the appropriate organization and group he/she can’t reach the Internet.
If the user belongs to X group(in AD) there are no filtering. (Boss/Stock holders/Bosses relatives)
If the user belongs to Y group(in AD) the squidguard filters that group but only that. (Users/Robots/etc..) :)

So right now it works as the MS ISA server. Well even better of course!

There you go guys, this is the install script for CentOS squidguard: http://opensourcetechnology.co.uk/?p=44