auth_param basic program меняем с
/usr/lib/squid/ldap_auth -b "o=ORG" -h slp.org -D cn=proxyuser,ou=internet,o=org -w proxypass -f "(&(cn=%s)(objectClass=Person))" -s sub
на
/usr/lib/squid/ldap_auth -b "OU=org,DC=domain,DC=ru" -h dc1.domain.ru -D proxyuser@domain.ru -w proxypass -f "sAMAccountName=%s" -s sub
и external_acl_type с
children=5 %LOGIN /usr/lib/squid/squid_ldap_group -b "o=ORG" -h slp.org -D cn=proxyuser,ou=internet,o=ORG -w proxypass -f "(&(cn=%v)(groupmembership=cn=nds_all_closed,ou=internet,o=ORG))" -s sub
на
children=5 %LOGIN /usr/lib/squid/squid_ldap_group -b "OU=org,DC=domain,DC=ru" -h dc1.domain.ru -D proxyuser@domain.ru -w proxypass -f "(&(objectclass=person)(sAMAccountName=%v)(memberof=cn=nds_all_closed,OU=Internet,OU=org,DC=domain,DC=ru))" -s sub
/usr/lib/squid/ldap_auth -b "o=ORG" -h slp.org -D cn=proxyuser,ou=internet,o=org -w proxypass -f "(&(cn=%s)(objectClass=Person))" -s sub
на
/usr/lib/squid/ldap_auth -b "OU=org,DC=domain,DC=ru" -h dc1.domain.ru -D proxyuser@domain.ru -w proxypass -f "sAMAccountName=%s" -s sub
и external_acl_type с
children=5 %LOGIN /usr/lib/squid/squid_ldap_group -b "o=ORG" -h slp.org -D cn=proxyuser,ou=internet,o=ORG -w proxypass -f "(&(cn=%v)(groupmembership=cn=nds_all_closed,ou=internet,o=ORG))" -s sub
на
children=5 %LOGIN /usr/lib/squid/squid_ldap_group -b "OU=org,DC=domain,DC=ru" -h dc1.domain.ru -D proxyuser@domain.ru -w proxypass -f "(&(objectclass=person)(sAMAccountName=%v)(memberof=cn=nds_all_closed,OU=Internet,OU=org,DC=domain,DC=ru))" -s sub
Комментариев нет:
Отправить комментарий