suid_ldap_auth and OS X OpenLDAP3 Server - squid


Thread: suid_ldap_auth and OS X OpenLDAP3 Server

  1. suid_ldap_auth and OS X OpenLDAP3 Server

    I am trying to get squid authentication going with our OS X.3.5
    server...

    I can get some info from ldap server using the following command:

    ldapsearch -x -h 192.168.152.53 -b cn=users,dc=test,dc=co,dc=nz "(uid=username)"

    This command returns all information regarding user username..

    If I try to authenticate as user using ldapsearch using the following
    command:

    ldapsearch -x -D dc=test,dc=co,dc=nz,ou=users,uid=username -W -b ou=users,dc=test,dc=co,dc=nz -h 192.168.152.53
    Enter LDAP Password:
    ldap_bind: Invalid credentials (49)

    or...

    ldapsearch -x -D uid=username,ou=users,cn=test,cn=co,cn=nz -W -b ou=users,dc=test,dc=co,dc=nz -h 192.168.152.53
    Enter LDAP Password:
    ldap_bind: Invalid credentials (49)


    I know the password for this user is correct.. is it the encryption
    that it is failing on??

    I try to use squid_ldap_auth using the following command:

    ../squid_ldap_auth -h 192.168.152.53 -b "ou=users,dc=test,dc=co,dc=nz" -f "(&(objectClass=person)(uid=%s))"
    username password
    squid_ldap_auth: WARNING, LDAP search error 'No such object'
    squid_ldap_auth: WARNING, LDAP search error 'No such object'
    ERR

    or ....

    ../squid_ldap_auth -h 192.168.152.53 -b "ou=users,dc=test,dc=co,dc=nz" -f "(uid=%s)"
    username password
    squid_ldap_auth: WARNING, LDAP search error 'No such object'
    squid_ldap_auth: WARNING, LDAP search error 'No such object'
    ERR

    Am I missing something little... is it because Apple have hacked the
    openldapv3 server??? And if so, is there a workaround??

  2. Re: suid_ldap_auth and OS X OpenLDAP3 Server

    I have got ldapsearch working with authentication... entering the
    following command:

    ldapsearch -x -D uid=username,cn=users,dc=test,dc=co,dc=nz -W -b dc=test,dc=co,dc=nz -h 192.168.152.53 uid=username

    prompts me for the ldap password for user username. When I enter the
    password I get all the info regarding user username from my ldap
    server.. the last few lines are:

    # search result
    search: 2
    result: 0 Success

    # numResponses: 2
    # numEntries: 1

    But I still cannot authenticate using squid_ldap_auth... help please,
    is it the filter I am using? Is there more information I need to
    provide?? Please advise.

  3. Re: suid_ldap_auth and OS X OpenLDAP3 Server

    I have discovered that Apple has created their own structure of ldap
    database. Instead of creating Organizational Units to store user
    accounts in, they use a container instead... i.e. the full dn of a user's
    account will be:

    dn: uid=username, cn=users, dc=test, dc=com

    instead of being the standard:

    dn: uid=username, ou=users, dc=test, dc=com

    I will now see if I can work around this issue. Any suggestions will be
    appreciated.

  4. Re: suid_ldap_auth and OS X OpenLDAP3 Server

    I have come to the conclusion that Apple using a container instead of
    an organizational unit does not make a difference when trying to
    authenticate to an ldap server..


    Can anyone help me out???




    Anyone????????
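
An LDAP server answers 'No such object' when the search base itself does not exist in the directory. The following is an added example, not part of the thread: it checks offline whether the bind DN that worked in post 2 lies under each `-b` base quoted in the posts. Function names are hypothetical and the DN parsing is simplified (case-insensitive comparison, only backslash-escaped commas).

```python
# Added example, not from the thread. DN values are those quoted in the posts;
# function names are hypothetical. Simplified parsing: values are compared
# case-insensitively and only backslash-escaped commas are handled.
import re

# Bind DN that authenticated successfully in post 2
GOOD_DN = "uid=username,cn=users,dc=test,dc=co,dc=nz"

def parse_dn(dn):
    """Split a DN into normalized (attr, value) RDNs, leaf first."""
    rdns = []
    for part in re.split(r"(?<!\\),", dn):
        attr, sep, value = part.partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed RDN: {part!r}")
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return rdns

def is_under(entry_dn, base_dn):
    """True if entry_dn equals base_dn or sits below it in the tree."""
    entry, base = parse_dn(entry_dn), parse_dn(base_dn)
    return len(entry) >= len(base) and entry[len(entry) - len(base):] == base

def diagnose(entry_dn, base_dn):
    """Explain why a search base would not contain a known-good entry."""
    if is_under(entry_dn, base_dn):
        return "ok"
    entry, base = parse_dn(entry_dn), parse_dn(base_dn)
    tail = entry[len(entry) - len(base):] if len(entry) >= len(base) else []
    # Same values at every level but a different attribute type (ou= vs cn=)
    if [v for _, v in tail] == [v for _, v in base]:
        diffs = [f"{b[0]}={b[1]} should be {t[0]}={t[1]}"
                 for t, b in zip(tail, base) if t != b]
        return "attribute type mismatch: " + "; ".join(diffs)
    return "base is not an ancestor of the entry"

if __name__ == "__main__":
    for base in ("ou=users,dc=test,dc=co,dc=nz",   # -b given to squid_ldap_auth
                 "cn=users,dc=test,dc=co,dc=nz",   # -b from the first ldapsearch
                 "dc=test,dc=co,dc=nz"):           # -b from post 2
        print(f"{base:32} -> {diagnose(GOOD_DN, base)}")
```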
