Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Problem by asking password of LDAP

Posted on 2007-11-20
2
Medium Priority
?
1,408 Views
Last Modified: 2012-06-22
Hi, I try to authentify with Digest_LDAP_auth my LDAP, but I get always an error statement.
I use in LDAP the basedn dc=projekt1,dc=fb2,dc=fff,dc=de.
I got an OU=daemon and UID=squid.
I got in OU=user and UID=test.
With the command :

digest_ldap_auth -v 3 -b "ou=user,dc=projekt1,dc=fb2,dc=fh-frankfurt,dc=de" -D "ou=user,ou=daemon,dc=projekt1,dc=fb2,dc=fff,dc=de" -u "uid=squid" -A "userPassword"-e -w test -h 192.xxx.xxx.xxx:389
test test
I tried to login to LDAP with the userid=squid and check if the user test exsist with a password.

The result of these is an ERR.

Can someone help me?
THX

0
Comment
Question by:eb2007
2 Comments
 
LVL 27

Accepted Solution

by:
Nopius earned 1500 total points
ID: 20332136
Probably you have already read this HOWTO: http://wiki.squid-cache.org/KnowledgeBase/Using_the_digest_LDAP_authetication_helper

> I use in LDAP the basedn dc=projekt1,dc=fb2,dc=fff,dc=de.

It seems you are not. You are using this base dn (-b flag): ou=user,dc=projekt1,dc=fb2,dc=fh-frankfurt,dc=de

> I tried to login to LDAP with the userid=squid

You are not. You are trying to bind to LDAP as a user:
ou=user,ou=daemon,dc=projekt1,dc=fb2,dc=fff,dc=de

And here are 2 strange things:
1) Why in base DN you are using "dc=fh-frankfurt" and in user DN "dc=fff". Base DN syntax is impotent, which one is really yours?
2) Why in base DN you are using "ou=user,dc=projekt1" while in user DN "ou=user,ou=daemon,dc=projekt1,dc=fb2,dc=fff,dc=de". Do you have organization unit "daemon" and below is organization unit "user"?

> ... and check if the user test exsist with a password
Again, you are not. auth_ldap_digest accepts input string as a stdin, not as separate parameters of command line, so you should test it with:
echo "test:realm_name_goes_here" | digest_ldap_auth -v 3 -b ...

But I can't help you because I don't know what is a structure of your LDAP tree, what attribute keeps digest value, what attribute is used to disignate user and form user DN (probably 'uid'), what user is LDAP admin and what access rights do you have on your LDAP attributes.



0
 

Author Comment

by:eb2007
ID: 20403307
Thanks lot for you help.
My problem was, that my test was wrong.
I did´t know that i have to do it like this.
     echo "test:realm_name_goes_here" | digest_ldap_auth -v 3 -b ...

Our ldap konfigured a way, that it can check a certificate.
How can I configure squid a way, so that it can work with certificate.
We have already created a certificate.

THX
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses

876 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question