Hello!
I am using squid-2.5.STABLE5-42.21 to access openldap2-2.2.27-6 LDAPv3.
I am running SuSE which includes 2 versions of squid ldap auth via RPM.
They are:
:~ # which squid_ldap_auth
/usr/sbin/squid_ldap_auth
:~ # which squid_ldapauth
/usr/sbin/squid_ldapauth
In trying to test the commands from the cli, I can get squid_ldapauth to
connect to the server via a test account with an /etc/squid_ldapauth.conf
file of:
#
ldap-server : pdc.wackyworld.tv
ldap-port : 389
ldap-suffix : dc=wackyworld,dc=tv
ldap-filter : (uid=%s)
ldap-passwdfield: userPassword
ldap-binddn : uid=bobo,ou=Users,dc=wackyworld,dc=tv
ldap-password : bobo1
but I get this in the logs:
Jul 21 14:39:45 pdc slapd[26580]: conn=739 fd=16 ACCEPT from IP=#removed#:38137 (IP=0.0.0.0:389)
Jul 21 14:39:45 pdc slapd[26580]: conn=739 op=0 BIND dn="uid=bobo,ou=Users,dc=wackyworld,dc=tv" method=128
Jul 21 14:39:45 pdc slapd[26580]: conn=739 op=0 RESULT tag=97 err=2 text=historical protocol version requested, use LDAPv3 instead
Jul 21 14:39:45 pdc slapd[26580]: conn=739 fd=16 closed
So it's trying LDAPv2.
The only options for this command are
usage: squid_ldapauth [-h] [-v] [-q] [-l]
-h this help text
-v verbose mode - default is off
-q log queries - default is off
-l togle usage of syslog - default is on
so I can't use v3.
The other command:
squid_ldap_auth never connects. It just sits at a new line and never
returns to the prompt without a ctrl-c. I've tried many different
variations of:
squid_ldap_auth -b "ou=Users,dc=wackyworld,dc=tv" -s sub -h pdc.wackyworld.tv -p 389 -v 3 -f "uid=%s"
including using several -D dn's -w "passwords" that are acl'd in LDAP
for all access. Still no connect in the LDAP logs and the program hangs
at a new line.
Any ideas? I can ldapsearch with success all day from the same machine
squid resides on. It works fine. Why won't squid_ldap_auth connect?
How can I debug? I see nothing in syslog and the man page says:
--snip--
Debug mode where each step taken will get reported in detail.
Useful for understanding what goes wrong if the results is
not what is expected.
--/snip--
at the end but no option flag is listed. I've tried strace but see
nothing useful.
Thanks.
Mike Branda
Received on Fri Jul 21 2006 - 14:06:22 MDT
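
Added example, not part of the original post: Python that re-joins the wrapped slapd lines quoted in the message and pairs each BIND with its RESULT, flagging binds the server rejected because the client asked for LDAPv2. The sample log is constructed from the post's lines; the client address 192.0.2.10 and the successful conn=740 are assumptions added for contrast.

```python
import re

# Constructed sample modelled on the slapd lines in the post; 192.0.2.10 is a
# placeholder client address and conn=740 is an assumed successful bind.
SAMPLE_LOG = """\
Jul 21 14:39:45 pdc slapd[26580]: conn=739 fd=16 ACCEPT from
IP=192.0.2.10:38137 (IP=0.0.0.0:389)
Jul 21 14:39:45 pdc slapd[26580]: conn=739 op=0 BIND
dn="uid=bobo,ou=Users,dc=wackyworld,dc=tv" method=128
Jul 21 14:39:45 pdc slapd[26580]: conn=739 op=0 RESULT tag=97 err=2
text=historical protocol version requested, use LDAPv3 instead
Jul 21 14:39:45 pdc slapd[26580]: conn=739 fd=16 closed
Jul 21 14:41:02 pdc slapd[26580]: conn=740 fd=16 ACCEPT from
IP=192.0.2.10:38140 (IP=0.0.0.0:389)
Jul 21 14:41:02 pdc slapd[26580]: conn=740 op=0 BIND
dn="uid=bobo,ou=Users,dc=wackyworld,dc=tv" method=128
Jul 21 14:41:02 pdc slapd[26580]: conn=740 op=0 RESULT tag=97 err=0 text=
"""

SYSLOG_START = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d \S+ slapd\[\d+\]: ")
ACCEPT = re.compile(r"conn=(\d+) fd=\d+ ACCEPT from IP=(\S+):\d+")
BIND = re.compile(r'conn=(\d+) op=(\d+) BIND dn="([^"]*)" method=(\d+)')
RESULT = re.compile(r"conn=(\d+) op=(\d+) RESULT tag=97 err=(\d+) text=(.*)$")

def unwrap(text):
    """Re-join continuation lines (those without a syslog prefix)."""
    records = []
    for line in text.splitlines():
        if SYSLOG_START.match(line) or not records:
            records.append(line.strip())
        else:
            records[-1] += " " + line.strip()
    return records

def rejected_binds(text):
    """Return binds whose RESULT (tag=97, BindResponse) carried a non-zero err."""
    peers, binds, findings = {}, {}, []
    for rec in unwrap(text):
        if m := ACCEPT.search(rec):
            peers[m.group(1)] = m.group(2)
        elif m := BIND.search(rec):
            binds[(m.group(1), m.group(2))] = m.group(3)
        elif (m := RESULT.search(rec)) and m.group(3) != "0":
            conn, op, err, msg = m.groups()
            findings.append({"conn": int(conn), "peer": peers.get(conn),
                             "dn": binds.get((conn, op)), "err": int(err),
                             # err=2 is protocolError; slapd's text names the cause
                             "ldapv2": err == "2" and "historical protocol" in msg})
    return findings
```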