LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 03-16-2005, 05:14 PM   #1
RedCamel
LQ Newbie
 
Registered: Nov 2004
Posts: 7

Rep: Reputation: 0
Squid + Active Directory "squid_ldap_auth "


My using M$ AD and I can authenticate any user in the Base DN: , but only there. How can I include the search of the rest of the OUs in my domain. I have no group for access control at this point. I would like to simply allow all and have smoothwall as my accountability. I will later revoke if need be.

Base DN: cn=users,dc=Acme,dc=Com
Bind DN username: cn=administrator,cn=users,dc=Acme,dc=Com

Entire Domain Structure of Users:

cn=users,dc=Acme,dc=Com
ou=users,ou=office,ou=acmedev,dc=Acme,dc=Com
ou=users,ou=lab,ou=acmedev,dc=Acme,dc=Com
ou=users,ou=office,ou=acmeprod,dc=Acme,dc=Com
ou=users,ou=lab,ou=acmeprod,dc=Acme,dc=Com
ou=users,ou=office,ou=acmemig,dc=Acme,dc=Com
ou=users,ou=lab,ou=acmemig,dc=Acme,dc=Com

code from my squad.conf

auth_param basic program /usr/local/squid/libexec/squid_ldap_auth -b "cn=users,dc=Acme,dc=Com" -D "cn=administrator,cn=users,dc=Acme,dc=Com "
-w P@ssW0rD -f "(&(objectClass=person)(sAMAccountName=%s))" -u sAMAccountName -P 192.168.1.150:389
auth_param basic children 5
auth_param basic realm My inet Proxy
auth_param basic credentialsttl 60 minutes
 
Old 12-24-2007, 04:01 AM   #2
ksri07091983
Member
 
Registered: Nov 2007
Location: Chennai,TamilNadu,India
Distribution: RedHat,SuSE
Posts: 65

Rep: Reputation: 15
Hi,

got a chance to read your post. Here you have explained to configure squid proxy to use authentication from ADS. My doubt is in the line

auth_param basic program /usr/local/squid/libexec/squid_ldap_auth -b "cn=users,dc=Acme,dc=Com" -D "cn=administrator,cn=users,dc=Acme,dc=Com "
-w P@ssW0rD -f "(&(objectClass=person)(sAMAccountName=%s))" -u sAMAccountName -P 192.168.1.150:389


can't we use the line without the "-w P@ssW0rD" option...
that means is there a way where i can search the ADS without specifying the password.[as we do in linux LDAP]


Thanks in advance

Sridhar
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
"bad interpreter : no such file or directory" when configure "flex" acer_peri Linux - Software 10 11-10-2010 01:19 AM
New SQUID user: How to clear the "access.log" and "store.log" automatically? yuzuohong Linux - Networking 2 12-02-2006 05:37 AM
Authenticating to Samba share using "Active Directory Server" hlslaughter Linux - Software 36 07-23-2004 10:59 AM
How to active "X Window" or "X Server"..?? mhd_Ahmed Linux - Newbie 1 05-21-2003 01:51 PM
i just finished typing "./configure" and "make" in mplayer directory... kublador Linux - General 4 02-22-2003 03:12 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 04:11 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration