hilipp
Gesendet: Montag, 22. Februar 2021 um 12:22 Uhr
Von: "Amos Jeffries"
An: "squid list"
Betreff: Re: [squid-users] Squid doesn't notice AD group changes
On 22/02/21 11:41 pm, heimarbeit123.99 wrote:
> You were right! I realy don't know how I was able to
On 22/02/21 11:41 pm, heimarbeit123.99 wrote:
You were right! I realy don't know how I was able to miss this..
I removed "-R" and don't get the error anymore. I did read the
documentation again and -K and -S should be fine. -d of course too.
But now I get the error "WARNING: LDAP search error 'O
det: Montag, 22. Februar 2021 um 11:05 Uhr
Von: "Amos Jeffries"
An: "squid list"
Betreff: Re: [squid-users] Squid doesn't notice AD group changes
On 22/02/21 10:42 pm, heimarbeit123.99 wrote:
> of course I did read the documentation. Otherwise I would not have asked
>
On 22/02/21 10:42 pm, heimarbeit123.99 wrote:
of course I did read the documentation. Otherwise I would not have asked
here. I would not ask for your time if the solution would be available
for myself.
I am asking right here -after some weeks- because I do not know what is
finally wrong.
You
Even google does not help me here so I am asking this community..
Gesendet: Montag, 22. Februar 2021 um 10:24 Uhr
Von: "Amos Jeffries"
An: squid-users@lists.squid-cache.org
Betreff: Re: [squid-users] Squid doesn't notice AD group changes
On 22/02/21 9:26 pm, heimarbeit123.99 w
On 22/02/21 9:26 pm, heimarbeit123.99 wrote:
So I finally tried it on my Squid Proxy.
I edited the squid like this:
external_acl_type ad_group_member_check ttl=120 %LOGIN
/usr/lib/squid/ext_ldap_group_acl -d -R -K -S -b "dc=domain,dc=com" -D
proxyu...@domain.com -W /etc/squid/ldappass.txt -f
"
eone help?
Regards,
Philipp
Gesendet: Sonntag, 24. Januar 2021 um 17:02 Uhr
Von: "Marek Greško"
An: heimarbeit123...@web.de
Cc: squid-users@lists.squid-cache.org
Betreff: Re: [squid-users] Squid doesn't notice AD group changes
Hello,
that looks correct. Maybe I would
Hello,
that looks correct. Maybe I would add -B option to the
ext_ldap_group_acl helper to specify basedn for users.
Marek
2021-01-24 10:06 GMT+01:00, heimarbeit123...@web.de :
> Thanks for your replies!
>
> Yes, I did try "external_acl_type wbinfocheck %LOGIN
> /usr/lib/squid/ext_wbinfo_group_
Thanks for your replies!Yes, I did try "external_acl_type wbinfocheck %LOGIN /usr/lib/squid/ext_wbinfo_group_acl -K".So if my fqdn would be "my.domain.com" it would be:external_acl_type ad_group_member_check ttl=120 %LOGIN /usr/lib/squid/ext_ldap_group_acl -d -R -K -S -b "dc=domain,dc=com" -D 192.1
The issue is many layers of caching and interdependent data.Once the auth backend system is producing the right output the group helper cache needs to expire, then lookups by that helper will be correct.Then all the tcp connections holding onto that users credentials need to close. Only once all th
lf Of
heimarbeit123...@web.de
Sent: Wednesday, January 20, 2021 3:51 PM
To: squid-users@lists.squid-cache.org
Subject: [squid-users] Squid doesn't notice AD group changes
Hello all! :)
I am running squid 4.1 on the newest Linux Mint with Kerberos SSO(connected to
my AD), so I can chec
e
Sent: Wednesday, January 20, 2021 3:51 PM
To: squid-users@lists.squid-cache.org
Subject: [squid-users] Squid doesn't notice AD group changes
Hello all! :)
I am running squid 4.1 on the newest Linux Mint with Kerberos SSO(connected to
my AD), so I can check for AD groups and therefore blo
some similar problem here...
What type of acl do you use for the group selection? Could you please
post the related config lines?
Remember, the client caches also the group informations, i have to
logout/login to let this take effect.
(check with "whoami /groups")
Regards
Klaus
Am Mittwoch, de
Hello all! :)
I am running squid 4.1 on the newest Linux Mint with Kerberos SSO(connected to my AD), so I can check for AD groups and therefore block websites and so on. Thanks to the very good documentation everything looks good so far!
But there is one realy big problem: Squid does not reco
14 matches
Mail list logo
