Solved

Problem by asking password of LDAP

Posted on 2007-11-20
2
1,402 Views
Last Modified: 2012-06-22
Hi, I try to authentify with Digest_LDAP_auth my LDAP, but I get always an error statement.
I use in LDAP the basedn dc=projekt1,dc=fb2,dc=fff,dc=de.
I got an OU=daemon and UID=squid.
I got in OU=user and UID=test.
With the command :

digest_ldap_auth -v 3 -b "ou=user,dc=projekt1,dc=fb2,dc=fh-frankfurt,dc=de" -D "ou=user,ou=daemon,dc=projekt1,dc=fb2,dc=fff,dc=de" -u "uid=squid" -A "userPassword"-e -w test -h 192.xxx.xxx.xxx:389
test test
I tried to login to LDAP with the userid=squid and check if the user test exsist with a password.

The result of these is an ERR.

Can someone help me?
THX

0
Comment
Question by:eb2007
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 27

Accepted Solution

by:
Nopius earned 500 total points
ID: 20332136
Probably you have already read this HOWTO: http://wiki.squid-cache.org/KnowledgeBase/Using_the_digest_LDAP_authetication_helper

> I use in LDAP the basedn dc=projekt1,dc=fb2,dc=fff,dc=de.

It seems you are not. You are using this base dn (-b flag): ou=user,dc=projekt1,dc=fb2,dc=fh-frankfurt,dc=de

> I tried to login to LDAP with the userid=squid

You are not. You are trying to bind to LDAP as a user:
ou=user,ou=daemon,dc=projekt1,dc=fb2,dc=fff,dc=de

And here are 2 strange things:
1) Why in base DN you are using "dc=fh-frankfurt" and in user DN "dc=fff". Base DN syntax is impotent, which one is really yours?
2) Why in base DN you are using "ou=user,dc=projekt1" while in user DN "ou=user,ou=daemon,dc=projekt1,dc=fb2,dc=fff,dc=de". Do you have organization unit "daemon" and below is organization unit "user"?

> ... and check if the user test exsist with a password
Again, you are not. auth_ldap_digest accepts input string as a stdin, not as separate parameters of command line, so you should test it with:
echo "test:realm_name_goes_here" | digest_ldap_auth -v 3 -b ...

But I can't help you because I don't know what is a structure of your LDAP tree, what attribute keeps digest value, what attribute is used to disignate user and form user DN (probably 'uid'), what user is LDAP admin and what access rights do you have on your LDAP attributes.



0
 

Author Comment

by:eb2007
ID: 20403307
Thanks lot for you help.
My problem was, that my test was wrong.
I did´t know that i have to do it like this.
     echo "test:realm_name_goes_here" | digest_ldap_auth -v 3 -b ...

Our ldap konfigured a way, that it can check a certificate.
How can I configure squid a way, so that it can work with certificate.
We have already created a certificate.

THX
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
why should double free() crash? 7 35
Linux : how to point the OS to use the new DNS server 11 109
rolling back version of firefox 1 29
Install XRDP on Ubuntu Server 16.10 x64 3 58
I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question