[squid-users] Squid with AD - missing libraries

Tue, 22 Sep 2015 04:52:59 -0700 

Hi everybody,
I am newbie with Squid3. I am trying to integrate my squid con with Active 
Directory. Squid works well in non-transparent mode. I followed this tutorial: 
http://wiki.bitbinary.com/index.php/Active_Directory_Integrated_Squid_Proxy#Authentication
 for the set up.I need to authenticate clients not authenticated via Kerberos 
and users authenticated in the AD.
I installed squid3 and ldap-utils from repositories (over Debian Jessie), but i 
can´t find some libraries such as /usr/lib/squid3/squid_ldap_group and 
/usr/lib/squid3/squid_ldap_auth. They are not in the expected directories. I 
used apt-file search but with no results.
These are the libraries in the /usr/lib/squid3 dir:basic_db_auth                
      basic_radius_auth                 basic_fake_auth               
basic_sasl_auth                    basic_getpwnam_auth          basic_smb_auth  
                           basic_ldap_auth                      
basic_smb_auth.sh                  basic_msnt_auth                              
           basic_msnt_multi_domain_auth                            
basic_ncsa_auth                                   basic_nis_auth                
                                       basic_pam_auth                     
basic_pop3_auth                    cert_tool         digest_ldap_auth 
diskddigest_file_authext_kerberos_ldap_group_acl  ext_ldap_group_acl           
ext_file_userip_aclext_unix_group_acl   ext_sql_session_aclext_session_acl      
ext_ldap_group_acl       ext_wbinfo_group_aclhelper-mux.pllog_db_daemon         
log_file_daemonnegotiate_wrapper_auth 
negotiate_wrapper_authnegotiate_kerberos_auth_test 
ntlm_fake_authpingerstoreid_file_rewriteunlinkd 
url_fake_rewrite.shnegotiate_kerberos_auth url_fake_rewritentlm_smb_lm_auth
I can't test if an user belongs to a group as shown 
here/usr/lib/squid3/squid_ldap_group -R -K -S -b "dc=example,dc=local" -D 
squid@example.local -W /etc/squid3/ldappass.txt -f 
"(&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%g,ou=Security 
Groups,ou=MyBusiness,dc=example,dc=local))" -h dc1.example.local
EXAMPLE\Username Internet%20Users%20StandardI had to use ext_wbinfo_group_acl 
to perform that test.
Because of the missing libraries, I can't create the authentication for users 
not authenticated with Kerberos/NTLM:auth_param basic program 
/usr/lib/squid3/squid_ldap_auth -R -b "dc=example,dc=local" -D 
squid@example.local -W /etc/squid3/ldappass.txt -f sAMAccountName=%s -h 
dc1.example.local
and cannot create the LDAP authorisation for groups:external_acl_type memberof 
%LOGIN /usr/lib/squid3/squid_ldap_group -R -K -S -b "dc=example,dc=local" -D 
squid@example.local -W /etc/squid3/ldappass.txt -f 
"(&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%g,ou=Security 
Groups,ou=MyBusiness,dc=example,dc=local))" -h dc1.example.local

Why those libraries does not exists? Can I perform the same authentications 
using others? 
                                          
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Reply via email to