Re: Problem when trying to authenticate squid with openldap server

[Bruno Lamps <lampss@gmail.com>]

Hi,

Thanks Dieter Kluenter and Buchan Milne for answering to this, and everyone else that is reading this topic. =D

It seems your ACLs are not sufficient for *any* simple binds to this DN.

Please test the following on your LDAP server:

$ ldapwhoami -x -D uid=lamps,ou=usuarios,dc=pisolar -W

Until this command works, please don't bother with anything related to squid.

Right, this command isn't working for any user, except cn=admin,dc=pisolar. I'm struggling with /etc/ldap/slapd.conf, to solve this. I probably tried to make the ACLs a bit too tight, and now they're choking me. =p

Did you ever test simple binds to your LDAP server as these users except from

squid? It doesn't seem like it ...

I use this ldap base to authenticate my GLPI () system. But I think GLPI just grab all my base, using the ldap admin password, and transports it to it's mysql database. =/

I'm currently testing different ACLs in /etc/ldap/slapd.conf. Right now, these are the rules:

access to *

by dn="cn=admin,dc=pisolar" write

#by anonymous none

#by self none

by * read

access to attrs=userPassword,shadowLastChange

by dn="cn=admin,dc=pisolar" write

by anonymous auth

by self write

by * none

access to dn.base="" by * read

What kind of mistake am I doing there? =S

Once again, thank you all for helping me. ;]