On Dec 4, 2006, at 9:04 PM, Henrik Nordstrom wrote:
There is a man page for squid_ldap_auth trying to explain most uses..
man -M /usr/local/squid/man squid_ldap_auth
Thanks. I'll re-install during some network down time and make sure
that this stuff is installed this time. Apparently, I did not choose
the LDAP optional support in the FreeBSD port when I installed it a
while ago.
BTW, sorry for the delayed reply. Real life got in the way and all
that...
* Which user attribute carries the information you want to use as
login?
Not sure. How do I find out? (Sorry, but I use LDAP for MacOS X
authentication from MacOS X workstations to a MacOS X server.)
* Based DN of your LDAP tree
IIRC, its dc=dir,dc=domain,dc=tld with obvious substitutions.
* If anonymous searches is allowed.
Yes. I already set up SquirrelMail's address book to search the
directory and this did not require any username/password pair.
Please ignore pam_auth. It's just a last resort thing when there is no
other helpers available. You should only go down that path if you want
to use the LDAP for system authentication as well.
Ah! Thanks for the info. That is a pretty major point all by
itself. Since the proxy is supposed to be an admin-only area, PAM
was definitely the wrong way to go.
Jaime
