Solved

Problem by asking password of LDAP

Posted on 2007-11-20
2
1,405 Views
Last Modified: 2012-06-22
Hi, I try to authentify with Digest_LDAP_auth my LDAP, but I get always an error statement.
I use in LDAP the basedn dc=projekt1,dc=fb2,dc=fff,dc=de.
I got an OU=daemon and UID=squid.
I got in OU=user and UID=test.
With the command :

digest_ldap_auth -v 3 -b "ou=user,dc=projekt1,dc=fb2,dc=fh-frankfurt,dc=de" -D "ou=user,ou=daemon,dc=projekt1,dc=fb2,dc=fff,dc=de" -u "uid=squid" -A "userPassword"-e -w test -h 192.xxx.xxx.xxx:389
test test
I tried to login to LDAP with the userid=squid and check if the user test exsist with a password.

The result of these is an ERR.

Can someone help me?
THX

0
Comment
Question by:eb2007
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 27

Accepted Solution

by:
Nopius earned 500 total points
ID: 20332136
Probably you have already read this HOWTO: http://wiki.squid-cache.org/KnowledgeBase/Using_the_digest_LDAP_authetication_helper

> I use in LDAP the basedn dc=projekt1,dc=fb2,dc=fff,dc=de.

It seems you are not. You are using this base dn (-b flag): ou=user,dc=projekt1,dc=fb2,dc=fh-frankfurt,dc=de

> I tried to login to LDAP with the userid=squid

You are not. You are trying to bind to LDAP as a user:
ou=user,ou=daemon,dc=projekt1,dc=fb2,dc=fff,dc=de

And here are 2 strange things:
1) Why in base DN you are using "dc=fh-frankfurt" and in user DN "dc=fff". Base DN syntax is impotent, which one is really yours?
2) Why in base DN you are using "ou=user,dc=projekt1" while in user DN "ou=user,ou=daemon,dc=projekt1,dc=fb2,dc=fff,dc=de". Do you have organization unit "daemon" and below is organization unit "user"?

> ... and check if the user test exsist with a password
Again, you are not. auth_ldap_digest accepts input string as a stdin, not as separate parameters of command line, so you should test it with:
echo "test:realm_name_goes_here" | digest_ldap_auth -v 3 -b ...

But I can't help you because I don't know what is a structure of your LDAP tree, what attribute keeps digest value, what attribute is used to disignate user and form user DN (probably 'uid'), what user is LDAP admin and what access rights do you have on your LDAP attributes.



0
 

Author Comment

by:eb2007
ID: 20403307
Thanks lot for you help.
My problem was, that my test was wrong.
I did´t know that i have to do it like this.
     echo "test:realm_name_goes_here" | digest_ldap_auth -v 3 -b ...

Our ldap konfigured a way, that it can check a certificate.
How can I configure squid a way, so that it can work with certificate.
We have already created a certificate.

THX
0

Featured Post

Enroll in July's Course of the Month

July's Course of the Month is now available! Enroll to learn HTML5 and prepare for certification. It's free for Premium Members, Team Accounts, and Qualified Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

631 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question