I am setting-up a Squid proxy (Squid 2.5STABLE5 from Acme Consulting) on =
Win2K SP-4. Because the box is in a DMZ and not a member of the Active =
Directory Domain, I have decided to use Squid_LDAP_Auth.exe to authorize =
my users against our AD Tree. (At this time, all users with a valid =
Domain Account can access the Internet.)

Whenever I run the Squid_LDAP_Auth.exe program (either from command line =
or from Squid) I get an error stating "Squid_LDAP_Auth.exe - Application =
Error. The instruction at 0x77952d58 referenced memory at 0x00000011. =
The memory could not be read." The relevant portions of my squid.conf =
file are listed bellow. There are no errors listed in cache.log. The =
only reference is "helperOpenServers: Starting 5 'squid_ldap_auth.exe' =

Can anyone point me in the right direction? Also, when running =
Squid_LDAP_Auth.exe from the command line, do you need to change =
anything? (i.e. change the %s to the username you are trying to =
authenticate. I have tried it both ways and still get the error.)



auth_param basic program D:/squid/libexec/squid_ldap_auth.exe -P -R -b =
"dc=3Djlf,dc=3Djlf,dc=3Dcom,dc=3Dau" -D "cn=3DXXXX =
XXXX,cn=3Dusers,dc=3Djlf,dc=3Djlf,dc=3Dcom,dc=3Dau" -w "XXXXXXXX" -f =
"(&(sAMAccountName=3D%s)(objectClass=3DPerson))" -h ldap.jlf.jlf.com.au=20

auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

acl varEVERYONE src
acl varMANAGER proto cache_object
acl varTO_LOCALHOST dst
acl varSSL_PORTS port 443 563
acl varSAFE_PORTS port 80 # http
acl varSAFE_PORTS port 21 # ftp
acl varSAFE_PORTS port 443 563 # https, snews
acl varSAFE_PORTS port 1025-65535 # unregistered ports
acl varCONNECT method CONNECT
acl JLF_Internal_Networks src

http_access allow varMANAGER varFROM_LOCALHOST
http_access deny varMANAGER
http_access deny !varSAFE_PORTS
http_access deny varCONNECT !varSSL_PORTS
http_access deny varTO_LOCALHOST
http_access allow JLF_ALLOWED_TO_SURF_THE_WEB=20
http_access deny varEVERYONE

http_reply_access allow varEVERYONE

icp_access deny varEVERYONE