[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Squid+openldap



>I configure squid to use ldap_auth as external program authenticator,

We've used that for years,  works great.

> authenticate_program /opt/squid/libexec/squid/ldap_auth
> authenticate_options localhost 389 ou=correo,dc=pruebas,dc=com uid
> authenticate_children 5

Ha!  Mr. Earnshaw will love this if he reads it.  Looks like you actually
bothered to read the fine manual.  And it bit you in the...

> [root@wapchat kk]# /opt/squid/bin/squid
> 2002/08/02 19:50:09| parseConfigFile: line 23 unrecognized: 'authenticate_options localhost 389 ou=correo,dc=pruebas,dc=com uid'

Yep, that doesn't work.


Create a wrapper script like -

#!/bin/sh
exec /usr/local/bin/ldap_auth localhost 389 "o=Morrison Industries, c=US"
uid

Remove the dastardly "authenticate_options" line from squid.conf.  Set
your authenticate_program to you wrapper script
"/usr/local/sbin/ldap_auth.wrapper" in our case.  And away you go!