[SOLVED] SquidGuard LDAP authentication with Active Directory

okcomputer44 · 11-09-2010, 05:59 AM

Hello guys!

I'm having a problem with squidguard filter with AD authentication.

I have downloaded the latest stable source package from squidguard site and I followed the instructions for the ldap(AD) authentication but it does not work at all.

I have googled and tried everything but no luck. (first 30 hits on google)

Anyway this is the LDAP auth part: http://www.squidguard.org/Doc/authentication.html at squidguard and this is how to build the package: http://www.squidguard.org/Doc/ldap.html

The squidguard says:

Quote:

syntax error in configfile /etc/squid/squidGuard.conf line 18

when I put the

Quote:

ldapusersearch

command into the squidguard.conf file.

Otherwise it works well and filter the sites and everything as it should.
When I builded the package with the configure command (--with-ldap=yes)it said that:

Quote:

checking for ldap support... yes

so it definitelly built in already.
So I really don't understand why it does not recognise the ldapusersearch command at all.

If someone has a suggestion or anything please let me know.

Thanks guys!

okcomputer44 · 11-09-2010, 10:16 AM

Well at least I know that the build version does not recognise ldap at all.

First I erased all the versions of the squidguard with yum.
Then I rebuild the package from zero.

This new builds does not know ldap at all. But it says ldap-support=yes when I made the package with the configure command.

It starts complain straight away at the first line of the ldap part when I start the squidguard.

Same thing as with the another package. Syntax error at line 7. "ldapbinddn"
If I'll know more I'll let you know guys what was wrong.

okcomputer44 · 11-14-2010, 05:30 PM

Finally I got it worked.

The problem was laid out at the package management.
Even I tried to remove the squidguard rpm(s) it didn’t worked properly.

I have built the new squidguard from zero, on a different machine and it worked straight away.

I’m going to make a tutorial about this, how to install and configure the whole lot.
Right now I can manage users from the Active Directory in Windows 2008 with squid/squidguard!!

The squid and the squidguard are authenticated through the AD.
If the user is not in the appropriate organization and group he/she can’t reach the Internet.
If the user belongs to X group(in AD) there are no filtering. (Boss/Stock holders/Bosses relatives)
If the user belongs to Y group(in AD) the squidguard filters that group but only that. (Users/Robots/etc..)

So right now it works as the MS ISA server. Well even better of course!

There you go guys, this is the install script for CentOS squidguard: http://opensourcetechnology.co.uk/?p=44