Does anyone know of a way to query multiple LDAP servers using the squid_ldap_auth? I am running 2.6STABLE9.
What I'm really looking to do is perform an LDAP look up to find a user in any one of 3 separate Windows domains. |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1 On 05/14/2007 09:53 AM, [hidden email] wrote: > Does anyone know of a way to query multiple LDAP servers using > the squid_ldap_auth? I am running 2.6STABLE9. > > What I'm really looking to do is perform an LDAP look up to > find a user in any one of 3 separate Windows domains. I never tried against multiple servers, but we use a custom shell script to authenticate our users, so you could create a shell script and with some "if then else" you should be able to test agains the 3 machines. Here is the line: auth_param basic program <path-to-script> Basically, the script need to answer using the SQUID auth protocol (OK or ERR), you could still use ldap_auth inside of it, just test the return or something related before test the next server. I hope this helps, kind regards, - -- Felipe Augusto van de Wiel <[hidden email]> Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGSctvCj65ZxU4gPQRAqQvAKC/VHUWuI7XS65l+/5eg2SnBfP1+gCfauuW qbdPr+zh6ishoDVhf1kzFsI= =j39x -----END PGP SIGNATURE----- |
Or depending on your setup and server os you could have squid point at
pam and have pam utilize the 3 ldap servers as the back end... The former suggestion is better in my opinion, but pam would get the job done (while introducing the joys of winbind possibly....) The script makes more sense but sometime utilizing code someone else wrote is a bit safer... YMMV Pat On Tue, 2007-05-15 at 12:02 -0300, Felipe Augusto van de Wiel wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 05/14/2007 09:53 AM, [hidden email] wrote: > > Does anyone know of a way to query multiple LDAP servers using > > the squid_ldap_auth? I am running 2.6STABLE9. > > > > What I'm really looking to do is perform an LDAP look up to > > find a user in any one of 3 separate Windows domains. > > I never tried against multiple servers, but we use a > custom shell script to authenticate our users, so you could > create a shell script and with some "if then else" you should > be able to test agains the 3 machines. Here is the line: > > auth_param basic program <path-to-script> > > > Basically, the script need to answer using the SQUID > auth protocol (OK or ERR), you could still use ldap_auth inside > of it, just test the return or something related before test the > next server. > > > I hope this helps, kind regards, > > - -- > Felipe Augusto van de Wiel <[hidden email]> > Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE > http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFGSctvCj65ZxU4gPQRAqQvAKC/VHUWuI7XS65l+/5eg2SnBfP1+gCfauuW > qbdPr+zh6ishoDVhf1kzFsI= > =j39x > -----END PGP SIGNATURE----- |
Free forum by Nabble | Edit this page |