Quantcast

Problem with basic_ldap_auth

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Problem with basic_ldap_auth

Max Giesbert
Hi everyone,

I am running Squid from the repos on Ubuntu 16.04. I can login to Squid using basic_nsca_auth without problems. When I replace the according line using basic_ldap_auth I am unable to login. The browser keeps requesting the user credentials over and over again.

If I run the command in a shell it works as expected. I type:

/usr/lib/squid/basic_ldap_auth -v 3 -b ou="MYOU",dc=DOMAINNAME,dc=TLD -D ldap_squid@MYDOMAIN -w "THEPASSWORD" -f sAMAccountName=%s -h MYHOST

Then I type username and password separated by a space and it gives "OK" or ERR if wrong credentials are provided.

Any hints what could be wrong? How can I debug further what actually is happened behind the scenes?

Thx for your help.

Max
--
Dipl. Inf. (FH) Max Giesbert
Geschäftsführer

exactt technology GmbH
 
Mobil: +49 17 75 07 53 44
Festnetz: +49 89 38 15 64 42 1
Fax: +49 89 38 15 64 42 5
Web: http://exactt.de

Fäustlestraße 3
80339 München
Germany

Fernwartung:

Sitz der Gesellschaft: München
Registergericht: Amtsgericht München, HRB 213444
Geschäftsführer: Max Giesbert, Roman Weiss

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem with basic_ldap_auth

Amos Jeffries
Administrator
On 29/03/2017 2:54 a.m., Max Giesbert wrote:

> Hi everyone,
>
> I am running Squid from the repos on Ubuntu 16.04. I can login to Squid
> using basic_nsca_auth without problems. When I replace the according line
> using basic_ldap_auth I am unable to login. The browser keeps requesting
> the user credentials over and over again.
>
> If I run the command in a shell it works as expected. I type:
>
> /usr/lib/squid/basic_ldap_auth -v 3 -b ou="MYOU",dc=DOMAINNAME,dc=TLD -D
> ldap_squid@MYDOMAIN -w "THEPASSWORD" -f sAMAccountName=%s -h MYHOST
>
> Then I type username and password separated by a space and it gives "OK" or
> ERR if wrong credentials are provided.
>
> Any hints what could be wrong? How can I debug further what actually is
> happened behind the scenes?
>

Why do you have quotes around the MYOU ?
 If that includes spaces or special characters you need quotes around
the whole "ou=...dc=TLD" parameter for Squid to pass it to the helper as
a single command line option.

Amos

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem with basic_ldap_auth

Max Giesbert
Thank you so much! That did the trick. You made my day :-D

Amos Jeffries <[hidden email]> schrieb am Mi., 29. März 2017 um 03:08 Uhr:
On 29/03/2017 2:54 a.m., Max Giesbert wrote:
> Hi everyone,
>
> I am running Squid from the repos on Ubuntu 16.04. I can login to Squid
> using basic_nsca_auth without problems. When I replace the according line
> using basic_ldap_auth I am unable to login. The browser keeps requesting
> the user credentials over and over again.
>
> If I run the command in a shell it works as expected. I type:
>
> /usr/lib/squid/basic_ldap_auth -v 3 -b ou="MYOU",dc=DOMAINNAME,dc=TLD -D
> ldap_squid@MYDOMAIN -w "THEPASSWORD" -f sAMAccountName=%s -h MYHOST
>
> Then I type username and password separated by a space and it gives "OK" or
> ERR if wrong credentials are provided.
>
> Any hints what could be wrong? How can I debug further what actually is
> happened behind the scenes?
>

Why do you have quotes around the MYOU ?
 If that includes spaces or special characters you need quotes around
the whole "ou=...dc=TLD" parameter for Squid to pass it to the helper as
a single command line option.

Amos

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
--
Dipl. Inf. (FH) Max Giesbert
Geschäftsführer

exactt technology GmbH
 
Mobil: +49 17 75 07 53 44
Festnetz: +49 89 38 15 64 42 1
Fax: +49 89 38 15 64 42 5
Web: http://exactt.de

Fäustlestraße 3
80339 München
Germany

Fernwartung:

Sitz der Gesellschaft: München
Registergericht: Amtsgericht München, HRB 213444
Geschäftsführer: Max Giesbert, Roman Weiss

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Loading...