[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problem when trying to authenticate squid with openldap server


Thanks Dieter Kluenter and Buchan Milne for answering to this, and everyone else that is reading this topic. =D

It seems your ACLs are not sufficient for *any* simple binds to this DN.

Please test the following on your LDAP server:
$ ldapwhoami -x -D uid=lamps,ou=usuarios,dc=pisolar -W

Until this command works, please don't bother with anything related to squid.

Right, this command isn't working for any user, except cn=admin,dc=pisolar. I'm struggling with /etc/ldap/slapd.conf, to solve this. I probably tried to make the ACLs a bit too tight, and now they're choking me. =p

Did you ever test simple binds to your LDAP server as these users except from
squid? It doesn't seem like it ...

I use this ldap base to authenticate my GLPI () system. But I think GLPI just grab all my base, using the ldap admin password, and transports it to it's mysql database. =/

I'm currently testing different ACLs in /etc/ldap/slapd.conf. Right now, these are the rules:

access to *
by dn="cn=admin,dc=pisolar" write
#by anonymous none
#by self none
by * read

access to attrs=userPassword,shadowLastChange
by dn="cn=admin,dc=pisolar" write
by anonymous auth
by self write
by * none

access to dn.base="" by * read

What kind of mistake am I doing there? =S

Once again, thank you all for helping me. ;]