Mauricio Silveira wrote:
> Hi all
>
> I'm a real newbie on using LDAP... I'm using here Slackware 12 without pam.
>
> I have just compiled squid 2.6.STABLE16, I'm on a fight with the ldap
> auth module...
>
> Look at this:
>
> The former:
> /usr/libexec/squid/squid_ldap_auth -b "dc=LINUXDEV,dc=INTRANET" -D
> "cn=Administrator,cn=Users,dc=LINUXDEV,dc=INTRANET" -w "password" -d -f
> sAMAccountName=%s -h 192.168.10.10
> username password
> squid_ldap_auth: WARNING, LDAP search error 'Operations error'
> ERR Success
>
> The latter:
> /usr/libexec/squid/squid_ldap_auth -b "cn=Users,dc=LINUXDEV,dc=INTRANET"
> -D "cn=Administrator,cn=Users,dc=LINUXDEV,dc=INTRANET" -w "password" -d
> -f sAMAccountName=%s -h 192.168.10.10
> username password
> OK
>
>
> My question is: WHY????
> Should I really provide an object such as the cn=Users to start from?
Unkown to me....
> And BTW... squid_ldap_auth seems to be caching queries... I just changed
> the test user's password and the old password still returns Ok.
this from the manual command-line tests or through squid?
squid caches the auth. You need to set authenticate_ttl to something
less than the default hour to test.
I don't think any of the squid helpers cache, they don't need to. But
the ldap server may also have some internal cache.
Amos
Received on Thu Nov 01 2007 - 05:17:25 MDT
This archive was generated by hypermail pre-2.1.9 : Sat Dec 01 2007 - 12:00:01 MST