Re: [squid-users] LDAP related question.

Fri, 31 Jul 2015 14:18:41 -0700 

On 07/31/2015 08:34 AM, Dan Purgert wrote:

Quoting Eliezer Croitoru <[email protected]>:


I managed to make it work!
I am using ubuntu 14.04.2 with openLDAP and phpldapadmin.
I have changed my server to look like yours and it still didn't work.
So what I did was this: I changed the command to:
/usr/lib/squid3/ext_ldap_group_acl -d -b "dc=ngtech,dc=local" -D "cn=admin,dc=ngtech,dc=local" -w password-f "(&(objectClass=*)(memberUid=%u)(cn=%g))" -h 127.0.0.1 

Which actually works great.
I enter:"user1 parents" and it says OK.
I have been reading that there might be a reason that memberOf will not work as expected and was hoping someone here might know about it.
Oh right, I had to compile in(?) something to make "memberOf" play nice. Don't remember if it was in slapd or squid though... would need to grab my setup notes from that server to see. 

Glad to hear you got it working though!



_______________________________________________
squid-users mailing list
[email protected]
http://lists.squid-cache.org/listinfo/squid-users

since you have phpLDAPAdmin, my exports should be a near 1:1 import for you.

load the module:
dn: cn=module{2},cn=config #<-- adjust the number between { and } to your env 
cn: module{2}  # <-- same adjustment as above
objectclass: olcModuleList
objectclass: top
olcmoduleload: {0}memberof.la # <-- this is 0 because its the first module loaded in this cn olcmodulepath: /usr/lib64/openldap #<-- adjust for your env, this where fedora places the *.la files; memberof.la should be in this dir 

load the overlay into the database (not the DIT):
dn: olcOverlay={2}memberof,olcDatabase={2}mdb,cn=config #<-- again adjust for your env it is coincidence that both #s are 2 in my env. 
objectclass: olcOverlayConfig
objectclass: olcMemberOf
objectclass: top
olcmemberofrefint: TRUE
olcoverlay: {2}memberof  # <-- adjust for your env, too

i will send screenshots from my phpLDAPAdmin to you off list













_______________________________________________
squid-users mailing list
[email protected]
http://lists.squid-cache.org/listinfo/squid-users

Reply via email to