[FUG-BR] Ajuda com squid_ldap_auth
Ricardo Souza
ricardo.souza em ti.cmtsp.com.br
Sábado Dezembro 19 10:55:52 BRST 2009
caos# ldapsearch -b "CN=squid,OU=Internet,DC=AUTOPASS" -D
"CN=squid,OU=Internet,DC=AUTOPASS" -w "nypass" -h 192.168.9.12:389
"(&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%a,ou=Internet,dc=autopass))"
# extended LDIF
#
# LDAPv3
# base <CN=squid,OU=Internet,DC=AUTOPASS> with scope subtree
# filter: (&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%a,ou=Internet,dc=autopass))
# requesting: ALL
#
# search result
search: 2
result: 0 Success
# numResponses: 1
caos#
2009/12/19 Giancarlo Rubio <gianrubio em gmail.com>:
> E com esse filtro abaixo, funciona no ldapsearch??
>
> "(&(objectclass=person)(
> sAMAccountName=%v)(memberof=cn=%a,ou=Internet,dc=autopass))"
>
>
> 2009/12/19 Ricardo Souza <ricardo.souza em ti.cmtsp.com.br>
>
>> Eu testei com ldapsearch assim.
>> A maldita sintaxe é diferente.
>>
>>
>> ldapsearch -b "CN=squid,OU=Internet,DC=AUTOPASS" -D
>> "CN=squid,OU=Internet,DC=AUTOPASS" -w "mypass" -h 192.168.9.12:389
>> # extended LDIF
>> #
>> # LDAPv3
>> # base <CN=squid,OU=Internet,DC=AUTOPASS> with scope subtree
>> # filter: (objectclass=*)
>> # requesting: ALL
>> #
>>
>> # squid, Internet, AUTOPASS
>> dn: CN=squid,OU=Internet,DC=AUTOPASS
>> objectClass: top
>> objectClass: person
>> objectClass: organizationalPerson
>> objectClass: user
>> cn: squid
>> givenName: squid
>> distinguishedName: CN=squid,OU=Internet,DC=AUTOPASS
>> instanceType: 4
>> whenCreated: 20091218193058.0Z
>> whenChanged: 20091218193212.0Z
>>
>>
>>
>>
>> caos# /usr/local/libexec/squid/squid_ldap_group -b
>> "CN=squid,OU=Internet,DC=AUTOPASS" -D
>> "CN=squid,OU=Internet,DC=AUTOPASS" -w "squid123qwe" -h
>> 192.168.9.12:389 -f
>>
>> "(&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%a,ou=Internet,dc=autopass))"
>> -B "DC=AUTOPASS"
>> squid squid123qwe
>> ERR
>>
>>
>>
>>
>> 2009/12/19 Giancarlo Rubio <gianrubio em gmail.com>:
>> > 2009/12/19 Ricardo Souza <ricardo.souza em ti.cmtsp.com.br>
>> >
>> >> Alguem ai usa o squid_ldap_group fazendo query num AD no windows 2008?
>> >>
>> >> O user do squid está em
>> >> Ou=Internet,DC=AUTOPASS.
>> >> Nao consigo fazer a query.
>> >>
>> >>
>> >> caos# /usr/local/libexec/squid/squid_ldap_group -b
>> >> "CN=squid,OU=Internet,DC=autopass" -D
>> >> "cn=squid,ou=internet,dc=autopass" -w "mypass" -f '(&(uid=%u))' -h
>> >> 192.168.9.12 -p 389 -v3
>> >> squid mypass
>> >> ERR
>> >>
>> >
>> > Eu não uso, mais uma dica seria vc tentar fazer o filtro funcionar com
>> > ldapsearch e dps implementar usando o squid_ldap_auth.
>> >
>> >
>> > --
>> > Giancarlo Rubio
>> > -------------------------
>> > Histórico: http://www.fug.com.br/historico/html/freebsd/
>> > Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>> >
>> -------------------------
>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>
>
>
>
> --
> Giancarlo Rubio
> -------------------------
> Histórico: http://www.fug.com.br/historico/html/freebsd/
> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>
Mais detalhes sobre a lista de discussão freebsd