Solved

Problem by asking password of LDAP

Posted on 2007-11-20
2
1,397 Views
Last Modified: 2012-06-22
Hi, I try to authentify with Digest_LDAP_auth my LDAP, but I get always an error statement.
I use in LDAP the basedn dc=projekt1,dc=fb2,dc=fff,dc=de.
I got an OU=daemon and UID=squid.
I got in OU=user and UID=test.
With the command :

digest_ldap_auth -v 3 -b "ou=user,dc=projekt1,dc=fb2,dc=fh-frankfurt,dc=de" -D "ou=user,ou=daemon,dc=projekt1,dc=fb2,dc=fff,dc=de" -u "uid=squid" -A "userPassword"-e -w test -h 192.xxx.xxx.xxx:389
test test
I tried to login to LDAP with the userid=squid and check if the user test exsist with a password.

The result of these is an ERR.

Can someone help me?
THX

0
Comment
Question by:eb2007
2 Comments
 
LVL 27

Accepted Solution

by:
Nopius earned 500 total points
ID: 20332136
Probably you have already read this HOWTO: http://wiki.squid-cache.org/KnowledgeBase/Using_the_digest_LDAP_authetication_helper

> I use in LDAP the basedn dc=projekt1,dc=fb2,dc=fff,dc=de.

It seems you are not. You are using this base dn (-b flag): ou=user,dc=projekt1,dc=fb2,dc=fh-frankfurt,dc=de

> I tried to login to LDAP with the userid=squid

You are not. You are trying to bind to LDAP as a user:
ou=user,ou=daemon,dc=projekt1,dc=fb2,dc=fff,dc=de

And here are 2 strange things:
1) Why in base DN you are using "dc=fh-frankfurt" and in user DN "dc=fff". Base DN syntax is impotent, which one is really yours?
2) Why in base DN you are using "ou=user,dc=projekt1" while in user DN "ou=user,ou=daemon,dc=projekt1,dc=fb2,dc=fff,dc=de". Do you have organization unit "daemon" and below is organization unit "user"?

> ... and check if the user test exsist with a password
Again, you are not. auth_ldap_digest accepts input string as a stdin, not as separate parameters of command line, so you should test it with:
echo "test:realm_name_goes_here" | digest_ldap_auth -v 3 -b ...

But I can't help you because I don't know what is a structure of your LDAP tree, what attribute keeps digest value, what attribute is used to disignate user and form user DN (probably 'uid'), what user is LDAP admin and what access rights do you have on your LDAP attributes.



0
 

Author Comment

by:eb2007
ID: 20403307
Thanks lot for you help.
My problem was, that my test was wrong.
I did´t know that i have to do it like this.
     echo "test:realm_name_goes_here" | digest_ldap_auth -v 3 -b ...

Our ldap konfigured a way, that it can check a certificate.
How can I configure squid a way, so that it can work with certificate.
We have already created a certificate.

THX
0

Featured Post

Superior storage. Superior surveillance.

WD Purple drives are built for 24/7, always-on, high-definition security systems. With support for up to 8 hard drives and 32 cameras, WD Purple drives are optimized for surveillance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Linux Search 3 66
installed old nagios.... 13 115
Linux : can't create transaction lock error 1 59
OpenVPN Speed limitation to only 10 mbps 7 97
I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Have you ever been frustrated by having to click seven times in order to retrieve a small bit of information from the web, always the same seven clicks, scrolling down and down until you reach your target? When you know the benefits of the command l…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now