[FUG-BR] Ajuda com squid_ldap_auth
Giancarlo Rubio
gianrubio em gmail.com
Sábado Dezembro 19 11:28:29 BRST 2009
Ele jamais irá funcionar assim, troque as variaves %v e %a.
Faca funcionar pelo filtro do ldapsearch e dps troque no seu squid_ldap.
2009/12/19 Ricardo Souza <ricardo.souza em ti.cmtsp.com.br>
> caos# ldapsearch -b "CN=squid,OU=Internet,DC=AUTOPASS" -D
> "CN=squid,OU=Internet,DC=AUTOPASS" -w "nypass" -h 192.168.9.12:389
>
> "(&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%a,ou=Internet,dc=autopass))"
> # extended LDIF
> #
> # LDAPv3
> # base <CN=squid,OU=Internet,DC=AUTOPASS> with scope subtree
> # filter:
> (&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%a,ou=Internet,dc=autopass))
> # requesting: ALL
> #
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 1
> caos#
>
>
> 2009/12/19 Giancarlo Rubio <gianrubio em gmail.com>:
> > E com esse filtro abaixo, funciona no ldapsearch??
> >
> > "(&(objectclass=person)(
> > sAMAccountName=%v)(memberof=cn=%a,ou=Internet,dc=autopass))"
> >
> >
> > 2009/12/19 Ricardo Souza <ricardo.souza em ti.cmtsp.com.br>
> >
> >> Eu testei com ldapsearch assim.
> >> A maldita sintaxe é diferente.
> >>
> >>
> >> ldapsearch -b "CN=squid,OU=Internet,DC=AUTOPASS" -D
> >> "CN=squid,OU=Internet,DC=AUTOPASS" -w "mypass" -h 192.168.9.12:389
> >> # extended LDIF
> >> #
> >> # LDAPv3
> >> # base <CN=squid,OU=Internet,DC=AUTOPASS> with scope subtree
> >> # filter: (objectclass=*)
> >> # requesting: ALL
> >> #
> >>
> >> # squid, Internet, AUTOPASS
> >> dn: CN=squid,OU=Internet,DC=AUTOPASS
> >> objectClass: top
> >> objectClass: person
> >> objectClass: organizationalPerson
> >> objectClass: user
> >> cn: squid
> >> givenName: squid
> >> distinguishedName: CN=squid,OU=Internet,DC=AUTOPASS
> >> instanceType: 4
> >> whenCreated: 20091218193058.0Z
> >> whenChanged: 20091218193212.0Z
> >>
> >>
> >>
> >>
> >> caos# /usr/local/libexec/squid/squid_ldap_group -b
> >> "CN=squid,OU=Internet,DC=AUTOPASS" -D
> >> "CN=squid,OU=Internet,DC=AUTOPASS" -w "squid123qwe" -h
> >> 192.168.9.12:389 -f
> >>
> >>
> "(&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%a,ou=Internet,dc=autopass))"
> >> -B "DC=AUTOPASS"
> >> squid squid123qwe
> >> ERR
> >>
> >>
> >>
> >>
> >> 2009/12/19 Giancarlo Rubio <gianrubio em gmail.com>:
> >> > 2009/12/19 Ricardo Souza <ricardo.souza em ti.cmtsp.com.br>
> >> >
> >> >> Alguem ai usa o squid_ldap_group fazendo query num AD no windows
> 2008?
> >> >>
> >> >> O user do squid está em
> >> >> Ou=Internet,DC=AUTOPASS.
> >> >> Nao consigo fazer a query.
> >> >>
> >> >>
> >> >> caos# /usr/local/libexec/squid/squid_ldap_group -b
> >> >> "CN=squid,OU=Internet,DC=autopass" -D
> >> >> "cn=squid,ou=internet,dc=autopass" -w "mypass" -f '(&(uid=%u))' -h
> >> >> 192.168.9.12 -p 389 -v3
> >> >> squid mypass
> >> >> ERR
> >> >>
> >> >
> >> > Eu não uso, mais uma dica seria vc tentar fazer o filtro funcionar com
> >> > ldapsearch e dps implementar usando o squid_ldap_auth.
> >> >
> >> >
> >> > --
> >> > Giancarlo Rubio
> >> > -------------------------
> >> > Histórico: http://www.fug.com.br/historico/html/freebsd/
> >> > Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
> >> >
> >> -------------------------
> >> Histórico: http://www.fug.com.br/historico/html/freebsd/
> >> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
> >>
> >
> >
> >
> > --
> > Giancarlo Rubio
> > -------------------------
> > Histórico: http://www.fug.com.br/historico/html/freebsd/
> > Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
> >
> -------------------------
> Histórico: http://www.fug.com.br/historico/html/freebsd/
> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>
--
Giancarlo Rubio
Mais detalhes sobre a lista de discussão freebsd