Squid + Active Directory "squid_ldap_auth "
My using M$ AD and I can authenticate any user in the Base DN: , but only there. How can I include the search of the rest of the OUs in my domain. I have no group for access control at this point. I would like to simply allow all and have smoothwall as my accountability. I will later revoke if need be.
Base DN: cn=users,dc=Acme,dc=Com
Bind DN username: cn=administrator,cn=users,dc=Acme,dc=Com
Entire Domain Structure of Users:
cn=users,dc=Acme,dc=Com
ou=users,ou=office,ou=acmedev,dc=Acme,dc=Com
ou=users,ou=lab,ou=acmedev,dc=Acme,dc=Com
ou=users,ou=office,ou=acmeprod,dc=Acme,dc=Com
ou=users,ou=lab,ou=acmeprod,dc=Acme,dc=Com
ou=users,ou=office,ou=acmemig,dc=Acme,dc=Com
ou=users,ou=lab,ou=acmemig,dc=Acme,dc=Com
code from my squad.conf
auth_param basic program /usr/local/squid/libexec/squid_ldap_auth -b "cn=users,dc=Acme,dc=Com" -D "cn=administrator,cn=users,dc=Acme,dc=Com "
-w P@ssW0rD -f "(&(objectClass=person)(sAMAccountName=%s))" -u sAMAccountName -P 192.168.1.150:389
auth_param basic children 5
auth_param basic realm My inet Proxy
auth_param basic credentialsttl 60 minutes
|