Hello,

i'm trying to to configure squid to use a ldap (ADS 2008) group check to give access to the internet. The squid mailing list couldn’t help me. Maybe you can.

 

/usr/lib64/squid/squid_ldap_group -d -v3 -b 'ou=OU3,ou=OU2,ou=OU1,dc=DOMAIN,dc=LOCAL' -f \

'(&(sAMAccountName=%v)(memberOf=cn=%a,ou=USERGRUPPEN,dc=DOMAIN,dc=LOCAL))' -D cn=LDAP,cn=USERS,dc=DOMAIN,dc=LOCAL \

-w PASSWORT -h DOMAINCONTROLLER

testuser internet

Connected OK

group filter '(&(sAMAccountName=testuser) (memberOf=cn=internet,ou=USERGROUPS,dc=DOMAIN,dc=LOCAL))', searchbase 'ou=OU3,ou=OU2,ou=OU1,dc=DOMAIN,dc=LOCAL'

ERR

 

The user TESTUSER is in OU3. The group INTERNET is in a OU called USERGROUPS. TESTUSER is member of INTERNET.
But it doesn't work.

 

Can somebody give me advice?

 

Thanks a lot

 

--

Marcel