Test if the autenticator work..
run "/usr/lib/squid/squid_ldap_auth -R -b "dc=xx,dc=yyy,dc=uuuu,dc=rrrr" -f
sAMAccountName=%s -h 10.239.56.2"
And enter "Username<SPACE>password<ENTER>" IF you get OK the autenticator
Works If you always get an ERR you should chech te configuration of the
Helper / the Ldap Server
And "for testing only" use this Http_access Schema
http_access allow password
http_access deny all
> My squid.conf is:
> .....
> auth_param basic program /usr/lib/squid/squid_ldap_auth -R -b
> "dc=xx,dc=yyy,dc=uuuu,dc=rrrr" -f sAMAccountName=%s -h 10.239.56.2
> auth_param basic children 5
> auth_param basic realm Squid proxy-caching web server
> auth_param basic credentialsttl 2 hours
> auth_param basic casesensitive off
> .....
> acl password proxy_auth REQUIRED
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443 563 407
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 563 # https, snews
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl Safe_ports port 407
> acl CONNECT method CONNECT
> http_access allow manager localhost
> http_access allow password
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow localhost
> http_access deny all
> ....
> cache_peer another-proxy.xxxx.com parent 8080 0 proxy-only default
> #
>
> Which is the problem?
>
Received on Mon Feb 13 2006 - 08:33:09 MST
This archive was generated by hypermail pre-2.1.9 : Wed Mar 01 2006 - 12:00:03 MST